Isabelle Lowe

@levie The demand is going to be massive - senior data/AI buyers are heavily prioritizing investments in AI deployment infra based on our 2,200+ 1h'26 discussions

Both Anthropic and OpenAI have new initiatives to help enterprises deploy AI agents within their organizations. This is a trend that’s early but going to get very big fast. As agents enter knowledge work beyond coding, there is very real work to upgrade IT systems, get agents the context they need, modernize the workflows to work with agents, figure out the human-agent relationship in the workflow, drive adoption and do change management, and much more. While AI models have an incredible amount of capability packed into them, there’s no shortcut to getting that intelligence applied to a business process in a stable way. This is creating tons of opportunities across the market for new jobs and firms, and the labs are equally recognizing the criticality here.

Where are senior tech buyers putting their money next? Straight into the AI stack

That's what customers are telling us - increasing spend on Atlassian due to AI-related workflows. 2 examples: "Our decision to increase our spend is driven by the transition from an experimental stage into a production grade AI capability, and you can't have reliable AI without a foundation of trusted and traceable data… We're increasing our investment into Atlan and Atlassian." "Almost all of this increased spend [on agents] is through Anthropic… Atlassian is a part of that. We find that we're calling the MCP, so using their MCP server extensively, both within the code review system and just within our code skills.

Atlassian’s results surprised Wall Street, but it shouldn’t be a surprise. The simple heuristic for the future of software is that when there are 100X more agents than people, which parts of software will grow because agents are doing more work that the underlying software is tied to. If the world generates more code, generates more leads, reviews more contracts, processes more invoices, creates more designs, transacts with more payments, and so on, what are the underlying systems that are managing that work? That will give you a hint as to what happens next. These agents still need guardrails, security, compliance, workflows to be tied to, data stored, and so on. Those parts of the system of record ecosystem will only go up over time in a world of 100X more untrusted (and trusted) agents used in your workflows.

Buyer signals point to more pain ahead for $CHKP Check Point's churn rate has been ~10pp above the industry average across all of our cybersecurity studies. Why buyers plan on leaving: performance and usability issues, a lack of comprehensiveness, and no best-of-breed reputation. Check Point continues to sit on the wrong side of the industry average across Spend, Replacements, Conversion, and Evaluations. And the conversion rate has worsened study over study, with buyers citing high costs, limited differentiation vs. competitors, and unnecessary complexity. One quote that sums it up: “We prioritize best-of-breed vendors that specialize in their respective domains. We are replacing Check Point and others, as we do not view them as long-term strategic partners.”

Non-human identities (NHIs) went from 3% of IAM buyer discussions to 38% in 12 months Agentic AI, expanding SaaS footprints, and API-driven architectures are creating machine identities faster than existing tools can manage

The $TEAM AI story that’s easy to miss In our 1H ‘26 Data Management and AI study, buyers increasing @Atlassian spend because of AI workloads are mostly doing it indirectly. Most common (indirect): *Confluence is a content source for RAG pipelines and semantic search *Agents are calling Atlassian via @AnthropicAI's MCP server *Internal AI agent platforms are driving more Atlassian spend Less common (direct) *Rovo as a driver (for chat, documentation, etc. use cases) Voice of the customer: "Our decision to increase our spend is driven by the transition from an experimental stage into a production grade AI capability, and you can't have reliable AI without a foundation of trusted and traceable data… We're increasing our investment into Atlan and Atlassian." "Almost all of this increased spend [on agents] is through Anthropic… Atlassian is a part of that. We find that we're calling the MCP, so using their MCP server extensively, both within the code review system and just within our code skills." Atlassian is benefitting from its exposure to AI-related workflows

Collaborative work management spending is stalling, based on our 2H '25 enterprise apps study. Seat penetration is plateauing and buyers are limiting rollouts to cut costs. We’re seeing more of the same in our ongoing 1H '26 study. $TEAM is impacted (28th percentile current account spend growth in enterprise apps), but theyʼre not alone - most competitors showed even sharper deceleration and weaker forward spend. Long term, Atlassian shows the greatest ability to survive consolidation vs. competitors. Atlassian’s strength: developer preference. As organizations consolidate tool spend, they need one platform that appeals to all departments. Atlassian fits the bill for the most technical employees. “Weʼre looking for tools with cross-departmental adoption, and $ASAN hasnʼt fit that. Our product and engineering teams prefer Confluence for their projects.” “Consolidation activity is happening, so we are trying to get rid of tools like $MNDY that do not support key security enterprise features. There's better options for us for that usage to be cannibalized by other tools like Jira.”

$CRWD management vs. buyer commentary on AI @CrowdStrike management on their F4Q26 earnings call: "AI is driving elevated demand for the Falcon platform and is a key accelerant for our business." Across our 1H '26 cybersecurity study, AI/automation was cited by 43% of organizations planning/maintaining spend or evaluating CrowdStrike, up from 38% last study. CrowdStrike shows 89% positive AI/automation alignment, outperforming most key competitors. Verdict: Aligned. Buyers confirm AI is a growing part of the demand story.

$CRWD customers in skew very positive on its AI capabilities Mentions of AI/automation from organizations increasing & maintaining spend or evaluating CrowdStrike up 5pp (from 38% in 2H ‘25 to 43% in 1H ‘26), showing that AI’s link to the CrowdStrike story is increasing in importance

Every day for the next long while, I'm going to tear down a new public software company and highlight the AI risks/opportunities around it- products launched to date, top startups, key quotes from earnings calls, etc. Day 35: CrowdStrike $CRWD Peak share price: $543.01 (Oct 31, 2025) Share price today: $450.26 EV today: $110.2bn ARR today: $5.25bn (+24% Y/y) NRR: 115% (97% gross retention) EV/ARR: 21x GAAP Operating Margin: 0% EV/Run-rate GAAP EBIT: N/A Headcount: 10,698 (+6% Y/y) What CrowdStrike does: CrowdStrike is far and away the number one provider of endpoint security, built around its Falcon agent, a lightweight sensor deployed on endpoints (PCs, servers, cloud workloads, mobile devices) that collects telemetry and sends it io the cloud for real-time threat detection, prevention and response. The company invented the modern endpoint detection/response (EDR) category, and has since sprawled from that core beachfront real estate (a sensor on every device/OS instance across the enterprise) into a sprawling suite of 28 modules spanning endpoint security, cloud security, identity, log management, and AI SOC capabilities. The world runs on machines defended by CrowdStrike, as evidenced by the widespread disruption in 2024 when 8m+ windows machines bricked due to a faulty update. AI bear case: Tough, to be honest, but on some level CrowdStrike is levered to white collar workers and their devices (one headwind the company has had to overcome is the decline in multi-device workers as desktop towers disappeared), so a prolonged decline in white collar employment could reduct total agents deployed. Beyond that, CrowdStrike would be vulnerable if some future advanced AI demonstrated a clear defensive advantage and "solved" big pockets of cybersecurity in a way that pressured budgets/priorities. AI bull case: CrowdStrike's core product has been AI since day one, as it is by far the largest company built on top of a core that would have been impossible without machine learning. Beyond that, cybersecurity has long been a top budget priority for companies and AI will only accelerate that, as attackers are already leveraging it to increase the sophistication and capabilities of their attacks. This quote from the most recent earnings call states the bull case better than I ever could: "Falcon is a vertically integrated net data creator and third-party data aggregator. We generate real-time data that no one else has from customer environments and our world-class threat intelligence. What frontier AI labs cannot do, we've been doing for over a decade, cyber reinforced learning from human feedback or RLHF at scale." AI traction: There's no AI hero SKU at CrowdStrike (beyond the original Falcon SKUs), but the company has been moving to a more flexible/consumption-based pricing model (Flex) and has cited success across various products. Adjacent AI-native startup summary: CrowdStrike's biggest true competitors are SentinelOne (public, $5bn market cap, $S) and Microsoft, which bundles endpoint protection for the world's less security-conscious or more budget-sensitive customers. Downmarket, vendors like Arctic Wolf and Huntress have had success serving smaller businesses with fully managed offerings- although Arctic Wolf manages CrowdStrike on behalf of some customers. Management Quotes: "AI is driving elevated demand for the Falcon platform and is a key accelerant for our business. At the same time, AI is weaponizing adversaries to attack with increased speed, sophistication and precision." "We see the AI revolution creating 2 disparate groups of software companies: Group 1, those who are now existentially vulnerable. These are historically nice-to-have technologies that are productivity features and point products geared to legacy pricing models; Group 2, those who will thrive. These are mission-critical, trusted infrastructure technologies necessary for global continuity with deep IP." "Falcon is a vertically integrated net data creator and third-party data aggregator. We generate real-time data that no one else has from customer environments and our world-class threat intelligence. What frontier AI labs cannot do, we've been doing for over a decade, cyber reinforced learning from human feedback or RLHF at scale." "Charlotte is our flagship agent, and now we have 10 other agents representing specific security skills and roles within security teams. Between Charlotte and our other agents, we can already see the mobilization of security's agentic workforce working hand in hand with human security professionals." "We saw Charlotte usage soar more than 6x year-over-year as ARR more than tripled." "We now have more than 1,600 customers who have adopted Falcon Flex and added more than 350 Flex customers in Q4. That amounts to nearly 4 new Falcon Flex customers each day of the quarter. The average Flex customer's ending ARR is greater than $1 million. The proof of Falcon adoption success is in the re-Flex. Customers are using what they buy and expanding their Flex commitments. More than 380 Flex accounts have already re-Flexed, representing more than 23% of the Flex customer base, up from 5% in Q1. The average ARR lift after a re-Flex is 26%, happening on average within 7 months." "As of Q4, our sensors detected more than 1,800 distinct AI applications running on enterprise devices, representing nearly 160 million unique application instances across our customer base." "AIDR has become one of our most in-demand products, growing more than 5x versus last quarter despite having only been available for a few weeks. AI adoption is moving faster than can be controlled, and our AIDR offering gives customers immediate visibility into their employees' usage of AI tools, including the specific models being used as well as detections into potentially malicious or noncompliant usage. Bringing model scanning, visibility, guardrails and detections to AI usage positions CrowdStrike as a catalyst for enterprise AI adoption." Commentary: CrowdStrike is a tentpole of a modern cybersecurity strategy and an absolutely critical partner to most of the world's largest companies. Its core data-creation capabilities create a true network effect and defensibility vs. AI native upstarts, and its execution has been nothing short of stellar, with @George_Kurtz belonging in the pantheon of all-time great software CEOs, managing through crises and executing a 33-module (!!) master plan with few notable missteps. This is well understood by the market- at 21x ARR, CrowdStrike is the third most expensive public software company on an EV/Rev basis, behind only $NET and $PLTR. From an investment perspective, the biggest challenge is that CrowdStrike has to continue executing against its own ubiquity- there are precious few enterprises that haven't adopted it or a competing solution, and much of its forward growth will have to come from expanding. There's no better team to bet on, but I can't say there's necessarily an edge to be had in betting on CrowdStrike due to AI- its strengths are (deservedly) well appreciated.

@buccocapital Of the 700+ discussions we've conducted in last 6 months with merchants on payments tech, <6% have mentioned agentic commerce. Not a 2026 story yet

“Visa just reported their fastest transaction volume growth in 4 years” How can this be true? I was told all commerce was being done by agents circumventing the rails with millions of seamless algorithmic jizzcoin microtransactions

@paulg Took our 4-month old to Stockholm last summer and had an amazing time (aside from the stroller on the cobbles). We were surprised at how much more reasonable the prices were compared to Copenhagen

"They're all wearing solid colors. People here don't wear patterns. This is my kind of place." — Jessica on Stockholm

Integration capabilities are now the #1 priority buyers care about when selecting vendors, overtaking AI Organizations need systems to actually talk to each other, and vendors that make that easy are winning deals One buyer put it: “We all talk about how important the data is to AI. The AI capability by itself is not attractive enough to justify you having business just for that.”

5/ Planned churn is rising too, but this isn't unique to Commvault. @wasabi_cloud, @Cohesity, @rubrikInc are all seeing elevated churn. Veeam is the outlier with only ~6% of customers citing a plan to churn. When buyers leave Commvault, the most common winners are $MSFT, $RBRK, $AMZN, and Veeam.

4/ The data still implies forward challenges for $CVLT. We've seen worsening conversion rates, with more organizations we’ve spoken to citing decisions against Commvault compared to six months ago. Top reason: complexity. Setup, upgrade cycles, too many SKUs. Some buyers still see them as legacy.

1/ $CVLT reported today. EPS beat, SaaS revenue +43% YoY. Our 1H '26 cybersecurity buyer data adds context the earnings don't show.

“Wiz has strong cloud context and workload visibility, and a growing number of ML enabled cloud workloads. It is letting us adopt business capability to extend CSPM into AI workloads.” – Engineering Lead @ Large Information Technology & Telecommunications Business, North America

“From a consolidation perspective, we are looking at Wiz… we prefer those tools that have AI-SPM, DSPM, and CSPM all integrated in one platform." – Director, Cybersecurity Risk @ Large Financial Services & Insurance Business, North America

@Google completed its $32B acquisition of Wiz in March. Today, Wiz is tied for the #1 most-evaluated AI security provider. Over 75% of customers using Wiz in our tracked AI security markets plan to increase their next twelve month spend, based on our 1H’26 study. Buyers already using Wiz for cloud security are extending into AI workloads: