The next big market opportunity in cybersecurity will be in cloud and app security.

Excited to launch this deep dive into software supply chain (SSC) security in collaboration w/ @clintgibler!

We provide a full breakdown of SSC security & risks.

Here is a summary of the piece: Software supply chain security can simply be defined as securing the software development process from beginning to end.

Our report focuses on 3-key phases of the software supply chain.

Across these phases, we discuss what constitutes SSC risks and processes for securing each.

I compiled a list of the best resources for cybersecurity operators, investors, and beginners getting into the space.

One of the most frequently asked questions I get:
"Francis, what are the best resources for learning cybersecurity fast?"

Here is a list that has worked for me: Company blogs are some of the best resources for learning about a new technical or cybersecurity topic (in simple grammar!).

- Cloudflare has one of the best, in my opinion
- Crowdstrike does a good job too
- Palo Alto Networks next

Eg Google; "What is SASE? - Cloudflare blog"

Crowdstrike and SentinelOne used to be serial competitors.

However, I'd argue that this macro env. has further drifted them apart.

Below are some quick notes from their recent earnings, but I want to go into more depth on the factors leading to this divergence in this thread: $CRWD and $S were founded 2-yrs apart.

Today, $CRWD generates $3.3B growing 35% YoY meanwhile, $S generates $600M and is estimated to grow 41%.

Why this divergence despite only 14-months apart?

My thesis is built around $CRWD's early decision to invest in its managed service.

Microsoft's $20B cybersecurity business is a mystery to many.

While Azure, Office 365, and Windows take center stage, its security unit is thriving and unknown.

In my latest deep dive, I examine its components and the secret behind its success in contrast to the competition: The security biz is primarily categorized into these areas:

Security:
- Microsoft Defender
- Microsoft Sentinel

Identity & Mgmt:
- Microsoft Entra
- Microsoft Intune

Compliance & Privacy:
- Microsoft Purview
- Microsoft Priva

I delve into each of these products in detail.

Learning to analyze financial statements can be confusing for beginners.

Just found a great resource from PWC that should help new investors and techies alike.

The report goes through some basic concepts with simplistic explanations: 🧵 Financial statements overview:

How do Snowflake and Databricks stack up?

Wolfe Research dove into the numbers and uncovered some interesting data points.

- How enterprises spend on $SNOW compared to Databricks
- Use cases for Databricks vs $SNOW
- Other data platforms like $MDB, $AWS

Here's what they found: How companies migrate between both platforms.

Fortinet just dropped this quarter:

- Product revenue growing 35% YoY, $2B run-rate
- Core rev growing 32% YoY, $5B RR
- Q1 FCF Margin, 51%
- Ops. Margins, 26%

Despite being labelled as 'legacy,' $FTNT continues to deliver ridiculous numbers!

I'll explain some of its drivers: The company's growth is being driven by:

1. Firewalls (yes - including hardware firewalls)
2. A vendor consolidator across network security w/ *lower* pricing than competitors
3. Benefitting from emerging growth areas like SD-WAN, OT Security and Zero-trust

Let's run thru each:

It's absurd: Microsoft dominates the security industry.

Everyone knows Microsoft Security generates $20B as the largest tech company offering security services.

However, few know about the pieces that make up the business.

After some digging, I was surprised with my findings: The security biz is broken down into the following six areas:

1. MSFT Defender
2. MSFT Sentinel
3. MSFT Entra
4. MSFT Intune
5. MSFT Priva
6. MSFT Purview

Latest [Microsoft Security CoPilot]

I'll go over each, key metrics and reasons for success:

Image h/t: @pgosavi7056

Pleased to share my full deep dive on SASE!

It provides a breakdown of everything you need to know on SASE & an in-depth review of the players to watch.

Some include:
- Zscaler
- Cloudflare
- Palo Alto N
- 12+ vendors which I cover

Here is the full report and key highlights: The report goes cover the following:

• The Basics: The Pre-SASE Era
• Definition of SASE
• Components of SASE
• Implementation of SASE
• The Key Players to Watch
• Who Wins The Final Prize?

Here is the piece if wanna jump right in!

investianalystnewsletter.substack.com/p/sase-breakdo…

By 2025, 65% of enterprises will have implemented a SASE component (up from 15% in 2021).

I want to highlight the differences between the top players competing in SASE - primarily $ZS, $NET and $PANW based on my research with experts: First, it's important to understand SASE and its many terminologies.

Highly recommended revisiting my original thread here:

https://twitter.com/InvestiAnalyst/status/1638015984140451840?s=20

SASE is the new buzzword in cybersecurity and investing circles, but what is it exactly?

This thread provides a comprehensive breakdown of the evolution of this technology and explains why it will define the next cybersecurity companies: (FYI - my Twitter is acting up. I posted this thread earlier, but Twitter removed my previous thread, and it all broke up. I've reposted it here for people that bookmarked it.)

If you've reviewed it already, ignore it. Thanks.

According to Gartner, SASE is going to be one of the most important technologies for the next decade.

If firewalls defined the last era of security companies, SASE will be the next battleground.

The tech is complex, but this thread aims to provide a simplified breakdown (Pt 1) When you see the ferocity of companies like Cloudflare taking jabs at ZScaler, it shows you they know important SASE will be toward defining the next era of cybersecurity companies
blog.cloudflare.com/descaler-progr…

This thread will focus on:

- Explaining SASE.
- Exploring the history

Palo Alto Networks has built the world's largest cybersecurity company. However, its story remains untold.

@rak_garg & I spent the last few months dissecting the rise of $PANW as it races to become the first $100B security company.

Here is a summary of our thesis and report: After founding and exiting two companies that were acquired by the founders of Fortinet, Nir Zuk founded $PANW in 2005.

This was when Checkpoint ($CHKP) and Juniper Networks (network security), along with McAfee and Symantec (Endpoint Anti-virus), were the giants in security.

Pumped to host this session w/ @BreakingSaaS!

Most tech investors struggle w/ 1 of 2 things:
1. Understanding the technical jargon behind SaaS. Or,
2. How to build a financial SaaS model

We're hosting a FREE session to help using $DDOG as a case study.

Here is what you'll get: I'll talk about the tech behind $DDOG based on my experience in Venture capital:

• What $DDOG does / product suite (in SIMPLE lingo)
• Framework for observability & security
• How they maintain a high R&D > S&M than many SaaS Cos
• GTM sales, L&E and CAC
• What's the moat?

Contrary to popular opinion, I'd argue that Fortinet is a much better business than Palo Alto Networks. I fell into this trap for a long-time until I dug deeper. I'll review five key points: Let's review what each company does.

Both are network security providers whose foundations come from firewalls.

Essentially, if you work for a large co, they provide a layer that protects & inspects your company's internet traffic against hacks when you visit external sites.

A couple of data points on IT spending into 2023:

BCG CIO survey shows that Cloud and security spend continues to be a top priority.

Based on the slowdown from the hyperscalers, it begs the question of what we should expect from other software cos at the app layer. 1/4 Surprisingly, MS Q4 2022 survey shows similar results from their CIO survey albeit, security software edging out Cloud. 2/4

Pleased to publish this report on the DevOps Industry!

Brief thread on why DevOps continues to be interesting: 1/

https://twitter.com/Contrary_Res/status/1587497713863491584

It's been 4yrs since $MSFT acquired GitHub for $7B (Roughly $GTLB's price tag today)

Shortly thereafter, many investors started to pay more attention to the sector with the rise of $GTLB and other platforms.

Open-source, cloud, and distributed architecture have benefited DevOps

We're still accepting applications for our [@contary_res] Research Fellowship!

Calling all researchers, writers, and investors. Fellows play a key role in helping to shape our research. 1/6 We've structured our work at @Contrary_res around an Open-Source model, as stated elegantly below by @kwharrison13

We publish our research to the world for free and work with domain experts, researchers, and technologists to help us shape our research.
investing1012dot0.substack.com/p/open-source-…

We're pleased at @contrarycapital to announce Contrary NYC!

A 4000+ sq ft creative space for entrepreneurs, builders, and technologists in New York! People have always been at the heart of @contrarycapital

New York City's energy is unmatched, and the city is quickly becoming a tech hub for the smartest builders.

We've decided to merge both worlds together in this unique space.

Today, we published our in-depth report comparing Snowflake vs. Databricks.

The report covers everything you need to know about both companies from a product roadmap perspective, GTM, financial metrics to their strategies for winning the data stack: 1/4 2/It's a detailed report that explores the convergence between these two data giants.

Both companies started on different ends of the spectrum, but over the past 2 yrs, they've increasingly converged.

We wanted people to see the dynamic in the report: research.contrary.com/reports/databr…

I'm excited to share that I've joined @contrarycapital to build out our research arm!

Today, we're pleased to launch @Contrary_Res, a platform for finding high-quality research on private tech companies: 1/10 2/ Today, we've published over 25+ company memos and deep-dive analyses into the following companies below!

Let me explain the context behind our platform and the why: