SentinelOne Thesis | Sycamore Portfolio Update [July 2024]
Continued generational shift drives success at AmEx & my Deep Dive on SentinelOne
Monthly Returns
Sycamore Capital Portfolio // +7.62%
S&P 500 // +1.13%
Differential // +6.49%
Year-to-date Returns
Sycamore Capital Portfolio // +52.28%
S&P 500 // +15.78%
Differential // +36.50%
Current Holdings
Transactions in July
Increased S by 2,000% @ ~$20 /sh
Decreased NVDA by 34% @ ~$130 /sh
Sold out BATRK @ ~$43 /sh
A Few Thoughts Upfront
I continued to aggressively sell down a large portion of NVDA for reasons I’ve already mentioned here and here. It proved to be good timing, at least in the short term.
Tesla was the best performing stock for Sycamore during the month at +17.28%. Also good timing on that purchase two-three months ago.
I sold out of Atlanta Braves Holdings after the obnoxiously long deep dive on it two months ago (see “Calling Malone’s Bluff” here). I made 10-12% on a very slow moving stock in short order and felt having a hearty cash position for August-November volatility would be fun! I’m not opposed to buying it back if it traded back down to <$38.
American Express Earnings & My Favorite KPIs
Revenue and Earnings: American Express reported record revenue of $16.3 billion, an 8% increase (9% FX-adjusted) year-over-year. Earnings per share (EPS) grew 44% to $4.15, or 21% to $3.49 excluding a transaction gain.
Full-Year EPS Guidance: The company raised its full-year EPS guidance to a range of $13.30 to $13.80, up from the previous range of $12.65 to $13.15 (an increase of 5% at the midpoint).
Performance Drivers: The strong performance was driven by the quality of Amex's premium customer base, increasing business scale, expense discipline, and strategic investments.
Millennials and Gen Z: This segment continues to be the fastest growing demographic of US Consumer billed business, growing 13% y/y. While Gen X grew at 5% and Baby Boomers at 2%.
Business Growth: Since 2021, American Express has significantly grown its business, increasing revenues by nearly 50% and card member spending by almost 40%, while adding around 23 million new cards and over 30 million merchant locations.
Updates to KPIs I think are interesting: AXP Consumer Billed Business by Age Cohort/Proprietary Cards & Card Fees
DEEP DIVE
SentinelOne Thesis (NYSE: S)
Basic Working Thesis
Founder led business with top tier technology and engineering standards (see S1 MITRE RESULTS and Glassdoor reviews below)
Operates in high-growth, non-discretionary sector of the Tech industry. Cybersecurity market size opportunity growing to $2T (according to this McKinsey Report)
Trading at ~25% discount (7x EV/Rev) to median 9.4x EV/Rev multiple for high growth software (high growth = >30%). S is expected to grow low-mid 30% y/y
Three-quarters of ARR growth coming from new customers, compared to Crowdstrike with only one-third ARR growth from new customers
One of the largest margin expansion stories in software with visibility for further improvement and profitability
New product offerings including Cloud, Data Lake, and Purple AI (fastest growing segments of the business)
Crowdstrike meltdown is sure to at least fill up S pipeline of new business opportunities and possible industry shift to multi-vendor instead of single-vendor, benefiting the smaller players like S
The Fed is at the very beginning of a rate cut cycle
High probability acquisition target as hyperscalers are looking to secure their network/cloud/data (e.g. Google trying to buy Wiz)
The Company
SentinelOne, Inc. operates as a cybersecurity provider in the United States and internationally. Its Singularity Platform delivers an artificial intelligence-powered autonomous threat prevention, detection, and response capabilities across an organization's endpoints, cloud workloads, and identify credentials, which enables seamless and autonomous protection against a spectrum of cyber threats. In addition, it offers endpoint protection, endpoint detection and response, cloud and identity security, attack surface management, mobile endpoint security, xdr power tools, watchtower, and vigilance MDR. The company was formerly known as Sentinel Labs, Inc. and changed its name to SentinelOne, Inc. in March 2021. SentinelOne, Inc. was incorporated in 2013 and is headquartered in Mountain View, California.
[SentinelOne] is at the intersection of massive market opportunities and critical enterprise needs. - David Bernhardt, CFO
Financials
In it’s latest earnings report, SentinelOne grew revenue at 40% y/y and ARR at 35% y/y to $762M. It is actually the fastest growing software company (on y/y basis) in the public market based on Q1 results (source: Jamin Ball/Altimeter)
Customers with $100K+ of ARR grew 30% y/y
Customer with $1M+ of ARR grew >40% (source: BofA Securities)
S is the largest margin expansion story among public software companies.
Non-GAAP gross margin from 75% to 79% y/y (+4%)
Non-GAAP operating margin from -38% to -6% y/y (+32%)
Free cash flow margin from -24% to +18% y/y (+42%)
$1.1B of cash on the books and $0 debt
Glassdoor Research
One of my favorite things to do when trying to evaluate a business is to spend a significant amount of time reading Glassdoor reviews of the company from the people who have and who do work there. I also do the same for their close competitors. I want to see that employees like working for the company and that focus on technology and innovation is a clear priority.
Here are a series of screenshots of recent employee reviews.
In comparison, here is a review for Crowdstrike. And full disclosure, I didn’t screenshot the worst one. The reviews for S1 were night and day from Crowdstrike (note: this was before the IT outage).
PurpleAI
S mentions that there’s nothing quite like Purple AI on the market, and while I can’t personally verify that, what stands out to me is its open architecture. This platform integrates seamlessly with products from other vendors, allowing organizations to enhance their existing cybersecurity setups. By overlaying Purple, they can achieve faster, autonomous and more accurate threat detection and mitigation. The potential for open platforms and multi-vendor environments is compelling, and I’m intrigued by the possibilities this product could bring to the conversation.
Valuations & Software Comps
I believe SentinelOne is heading towards a future where it deserves a 10x EV/Rev multiple. What does it take for a software company to garner a >10x multiple? I found this article by
from Altimeter Capital super insightful and recommend his weekly software coverage update.
Acquisition Target
BG2 Podcast talking about Microsoft and Crowdstrike issue. They believe Microsoft will need to bolster security offering through acquisition. Listen/watch here
All In Podcast talking about Google’s need to acquire a security vendor for their cloud product following Wiz turning them down. Listen/watch here
Rate Cuts
Rate cuts are impactful to software valuations (look what happened to software stocks in 2022 when rates were being hiked). The bottom line of why rate cuts are beneficial, especially to software, is because lower interest rates can increase the present value of future earnings. Since many software companies have high growth potential and significant future earnings, a lower discount rate (resulting from lower interest rates) can make these future earnings more valuable, thus boosting stock prices via expanding multiples.
Risks
Overreliance on stock-based comp to retain and hire talent
Dilution from stock-based comp
Not a profitable business - negative operating and net profit margins
Extreme competition - competitive marketplace for security products, technology disruptions
Crowdstrike Fallout
Enterprises are possibly going to be shifting to open architecture and multi-vendor security solutions, according to SentinelOne Founder and CEO, Tomer Weingarten:
“In the past couple of years, there was this vendor push towards consolidation, which also consolidates a lot of risk in one place. And I actually said on our last earnings call, I called that out — and I said, look, it's only in the benefit of the vendor to tell you to buy everything from a single platform. It's never advisable to have all your eggs in one basket in cybersecurity. It's just not the proper risk mitigation strategy. So, as you kind of see what's happening right now, I think a lot of customers are just pausing and rethinking their security decisions. I see the same with partners. There's definitely a pause on the expansion. Folks are trying to discern, what is my best strategy to reduce risk? How do I reduce single-vendor risk in my environment? I think it's becoming more sane now, actually. Because moving everything to one single point of failure platform architecture, I just can't understand it. I wouldn't even advise my customers to put everything on my platform. It’s a choice. You should choose that only if you feel like that is building more resilience in your network. Supporting open architectures that can bring together different products is the right way. And being transparent about architecture is the right way. Just trying to convince everybody that they should just go on your platform, that's the best thing in the world—which serves only you as a vendor—it’s just not the right way to do it.” (source)
Interview with Delta CEO on their team calling into question their overreliance on Crowdstrike:
Price Target
I project a target price of $32.50 per share within the next 12 months, reflecting a potential 55% upside. This is based on an estimated $910 million in revenue (35% y/y growth) and a 10x EV/Revenue multiple.
You stated you be interested in owning Atlanta Braves Holdings if the price went down to $38…why not sell some puts and collect the premium until it hits your target?