In case you missed it from this earnings season:

• Trade Desk Earnings Review

• DraftKings & Coupang Earnings Reviews

• Shopify & Mercado Libre Earnings Reviews

• Uber Earnings Review

• Palo Alto & Snowflake Earnings Reviews

• Apple & Duolingo Earnings Reviews

• AMD & Datadog Earnings Reviews

• Lemonade Earnings Review

• Sea Limited & Cava Earnings Reviews

• Palantir & Hims Earnings Reviews

• Airbnb Earnings Review

• SoFi Earnings Review

• PayPal Earnings Review

• Meta, Robinhood & Starbucks Earnings Reviews

• Amazon & Microsoft Earnings Reviews

• Alphabet Earnings Review

• Tesla Earnings Review

• Chipotle Earnings Review

• ServiceNow Earnings Review

• Netflix & Taiwan Semi Earnings Reviews

• Nu, On Running & Cloudflare Earnings Reviews.

Table of Contents

• In case you missed it from this earnings season:

• 1. SentinelOne (S) — Earnings Review

  • a. SentinelOne 101

  • b. Key Points

  • c. Demand

  • d. Profits & Margins

  • e. Balance Sheet

  • f. Annual Guidance & Valuation

  • g. Call & Release

  • h. Take

• 2. Nvidia (NVDA) – Earnings Review

  • a. Nvidia 101

  • b. Important Reminder & Key Points

  • c. Demand

  • d. Profits & Margins

  • e. Balance Sheet

  • f. Guidance & Valuation

  • g. Call & Release

  • h. Take

1. SentinelOne (S) — Earnings Review

a. SentinelOne 101

SentinelOne directly competes with CrowdStrike, Microsoft Defender and Palo Alto in endpoint security. It’s also quickly expanding into cloud security, which adds Zscaler and pretty much every large next-gen platform as competition.

It specializes in small-and-medium-sized business (SMB) clients and is expanding up-market. While CrowdStrike’s overarching platform is called Falcon, SentinelOne’s comparable suite is called the “Singularity Platform.” Core products include Endpoint Detection and Response (EDR). EDR offers constant monitoring and protection of endpoints (like a company iPhone). It unveils, prioritizes and responds to observed threats. Like CrowdStrike, it offers highly autonomous services and a slick, lightweight agent to drive efficient work and interoperability. This, in turn, means overarching coverage and superior breach protection vs. legacy incumbents.

Also similar to CrowdStrike, SentinelOne boasts a complementary data analytics platform (which it calls the Singularity Data Lake). This lake can ingest structured data from a multitude of diverse security products. It’s the perfect sidekick for everything it offers, as it can seamlessly collect data once, and recycle that data across as many relevant use cases as it needs to. This capability is especially important for the firm’s Extended Detection and Response (XDR). XDR is simply EDR with more diverse data usage to extend protection beyond solely the endpoint.

The Singularity Data Lake ingests data via “log scale,” which means logarithmically organizing and storing information. The company also says customers get lower cost and faster querying speeds with it. The service of aggregating data (or “logs”) to help organizations uncover and remediate threats is called Security Information and Event Management (SIEM). It recently launched an AI-augmented SIEM tool… fittingly named AI SIEM.

All in all, there are three compelling effects of this product architecture:

• Open, inter-platform data sharing leads to more effective algorithm seasoning to drive better coverage and false positive minimization.

• Cross-selling is especially margin accretive for this business model. SentinelOne incurs most of its customer costs as it deploys its first module; cross-sells are almost pure margin.

• Seamless expansion into other relevant security niches…

Just like CrowdStrike (noticing a theme?), it’s also actively expanding into cloud security. Important cloud security acronyms:

• CNAPP = Cloud Native Application Protection Platform. This is a buzz phrase used to describe a firm’s full set of cloud tools.

• CWP = Cloud Workload Protection. It’s an agent-based, preventative cloud protection tool to observe any bad behavior by cloud environment entrants. It sounds the alarm bell for SentinelOne’s automated breach protection and, if needed, the Managed Detection and Response (MDR) threat hunting team (called Vigilance).

• CSPM = Cloud Security and Posture Management. CSPM reports vulnerabilities and conducts configuration analysis in any cloud environment. It can flag improper permissions or hygiene. It doesn’t stop breaches in isolation, but does offer needed alerts, which frees other cloud tools like CWP to do so.

  • It acquired PingSafe to expedite delivery of this key cloud capability and bring its product suite closer to parity with CrowdStrike.

  • Launched AI Security Posture Management (AI-SPM) to extend its CSPM offering to AI apps and models. CSPM tools are repurposed here to offer the same misconfiguration and hygiene issue-flagging services in the world of GenAI. 

• Cloud Infrastructure Entitlement Management (CIEM). CIEM offers seamless oversight of access controls/entitlements for cloud assets. It can “detect over-privileged humans and machines, pinpoint toxic permission combinations and curtail risk with greater speed and efficiency.” This was one of the largest product gaps remaining between SentinelOne’s suite compared to Palo Alto and CrowdStrike.

• It more recently added runtime security to stop breaches in cloud environments.

Agent vs. Agentless in Cloud:

CWP takes an agent-based approach, while CSPM is agentless. Agent-based requires a direct software installation, while agentless does not. One isn’t objectively better than the other. Agentless is considered cheaper, easier to deploy and easier to scale. It’s perfect for lower-stakes use cases like configuration analysis and is an ideal complement to CWP. Companies just starting out with finite budgets, massive potential scaling needs and a lack of hyper-sensitive data can adopt an agentless approach. Agent-based is considered more comprehensive and has more complete visibility. Industries with tighter regulation, more sensitive assets, a need for real-time EDR and more complex compliance are well served by agent-based. By offering both, SentinelOne can address both markets, thus eliminating the need for disparate point solutions.

GenAI:

PurpleAI is SentinelOne’s overarching GenAI platform layer to up-level its product offering. It’s quite similar to CrowdStrike’s Charlotte AI, in that it can actively detect anomalies, summarize cases, help orchestrate remediations and fix issues with a human analyst’s permission. All of this pushes beginner-level security analysts to much higher levels of capability. This matters a lot in our budget and talent-constrained world.

b. Key Points

• Underwhelming quarter.

• Decent cross-selling traction.

• New $200M buyback program.

• Strong remaining performance obligation (RPO) growth.

c. Demand

• Beat revenue estimate & beat identical guidance by 0.4% each.

• Missed ARR estimate by 0.4%. Missed net new ARR (NNARR) estimate & missed identical guidance by 12.5% each.

• Missed $100,000+ ARR customer estimate by 1%.

The bright spot of this quarter’s demand was 33% Y/Y remaining performance obligation (RPO) growth; this was 5% ahead of expectations.

d. Profits & Margins

• Slightly beat 79% GPM estimate & slightly beat identical guidance.

• Slightly beat -$4.6M EBIT estimate by $700,000 & slightly beat identical guidance.

• Met $0.02 EPS estimate.

• Comfortably beat $25M FCF estimate by $20M.

e. Balance Sheet

• $770M in cash & equivalents.

• $439M in long-term investments.

• 5.9% Y/Y share dilution. This must slow down faster than it currently is. It did announce a new $200M buyback, but I’d love to see a little stock comp discipline to complement that help.

f. Annual Guidance & Valuation

Subscribe to our premium content to read the rest.