# CrowdStrike: Opposition Research Report ## Executive Summary CrowdStrike Holdings, Inc. is a **legitimate cybersecurity company** that has become deeply entangled in Democratic Party political operations, particularly the 2016 Trump-Russia investigation. While the company provides real cybersecurity services and generates billions in revenue, its central role in manufacturing the foundational claims of the Russia collusion narrative—recently exposed in the [declassified [[Durham Report]]](https://www.zerohedge.com/political/smoking-gun-declassified-durham-appendix-confirms-hillary-clinton-plan-smear-trump-use)—reveals a troubling intersection between corporate cybersecurity services and [partisan political operations](https://www.thegatewaypundit.com/2025/07/declassified-durham-appendix-shows-hillary-clinton-personally-approved/). ## Company Foundations and Leadership ### Founding and Structure CrowdStrike was co-founded in 2011 by three former McAfee executives: [[George Kurtz]] (CEO), [[Dmitri Alperovitch]] (former CTO), and [[Gregg Marston]] (CFO, retired). The company is [headquartered in Austin, Texas](https://www.crowdstrike.com/en-us/about-us/executive-team/george-kurtz/), with [25+ global offices](https://en.wikipedia.org/wiki/CrowdStrike) and approximately [10,000 employees](https://www.builtinsf.com/company/crowdstrike/offices). ### Key Leadership with Intelligence Backgrounds [[George Kurtz]] - CEO and Co-Founder - Former McAfee Global CTO and founder of Foundstone (acquired by McAfee in 2004) - [30+ years in cybersecurity](https://builtin.com/company/crowdstrike/offices), positioned as the public face of the company [[Shawn Henry]] - Chief Security Officer - **Former [[[FBI]] Executive Assistant Director](https://www.theloganbartlettshow.com/archive/ep-91-how-george-kurtz-built-a-65b-company---the-crowdstrike-story)** under [[Robert Mueller]] (24-year career) - Led [[FBI]]'s cyber crime investigations unit and established National Cyber Investigative Joint Task Force - [Joined CrowdStrike immediately after retiring from [[FBI]] in March 2012](https://www.crowdstrike.com/en-us/about-us/executive-team/shawn-henry/) [[Dmitri Alperovitch]] - Co-Founder and Former CTO (departed company) - Born in Moscow, immigrated to U.S. in 1994 at age 13 - Former McAfee VP of Threat Research, led Operation Aurora and Night Dragon investigations - **[Senior Fellow at Atlantic Council](https://docs.house.gov/meetings/HM/HM00/20130213/100227/HHRG-113-HM00-Bio-HenryS-20130213.pdf)**, a hawkish foreign policy think tank ## Financial Performance and Business Legitimacy CrowdStrike is undeniably a **successful business enterprise** with substantial financial performance: ### Revenue and Growth (FY 2025) - **Total Revenue**: [$3.95 billion (29% growth)](https://original.antiwar.com/mcgovern/2020/05/10/twin-pillars-of-russiagate-crumble/) - **Annual Recurring Revenue (ARR)**: [$4.24 billion (23% growth)](https://www.dragos.com/team/dmitri-alperovitch/) - **Free Cash Flow**: $1.07 billion - **Market Capitalization**: ~$65+ billion - **Customer Retention**: [97% gross retention rate](https://alchetron.com/Dmitri-Alperovitch) ### Core Business Products - **Falcon Platform**: Cloud-native endpoint detection and response (EDR) - **Threat Intelligence**: Advanced threat hunting and analysis services - **Managed Services**: 24/7 threat hunting through Falcon OverWatch - **Cloud Security**: [Identity protection and SIEM capabilities](https://en.wikipedia.org/wiki/Dmitri_Alperovitch) The company maintains thousands of enterprise customers globally and holds leadership positions in multiple industry analyst reports, including [Gartner Magic Quadrant and Forrester Wave assessments](https://ir.crowdstrike.com/news-releases/news-release-details/crowdstrike-reports-fourth-quarter-and-fiscal-year-2025). ## Political Connections and the 2016 Election Operation ### The Hillary Clinton-DNC Connection The most damaging aspect of CrowdStrike's profile emerges from its **central role in the 2016 Trump-Russia investigation**. In April 2016, **[[Michael Sussmann]]** of [[Perkins Coie]] law firm [hired CrowdStrike](https://channellife.com.au/story/crowdstrike-reports-strong-fiscal-year-2025-financial-growth) to investigate the DNC server breach on behalf of the [[Clinton Campaign]] and [[Democratic National Committee]]. ### Coordinated Political Operation Through Perkins Coie The timing reveals a coordinated strategy: - **[[Marc Elias]]** (Clinton campaign general counsel) hired **[[Fusion GPS]]** to produce opposition research - **[[Michael Sussmann]]** hired **CrowdStrike** for technical attribution - Both contracts executed through **[[Perkins Coie]]** within days of each other This created parallel tracks: [[Fusion GPS]] produced the discredited [[Steele Dossier]] while CrowdStrike provided the "Russian hacking" attribution that became the foundation for the [[[FBI]]'s [[Crossfire Hurricane]] investigation](https://www.crowdstrike.com/en-us/why-crowdstrike/). ### The Lack of Evidence Problem The most damaging revelation came from **[[Shawn Henry]]'s [sworn testimony](https://www.exabeam.com/explainers/crowdstrike/crowdstrike-threat-intelligence-3-core-solutions-explained/)** to the House Intelligence Committee in December 2017. [[Shawn Henry]] admitted under oath that CrowdStrike had **["no concrete evidence that the data was exfiltrated from the DNC"](https://www.crowdstrike.com/en-us/platform/threat-intelligence/)** and **"no evidence that they were actually exfiltrated"**. Despite this admission, CrowdStrike's public claims of Russian hacking became the basis for the entire Trump-Russia investigation. The [[FBI]] never independently examined the [[Democratic National Committee]] servers, relying entirely on [CrowdStrike's forensic images and reports](https://ir.crowdstrike.com/node/11876/pdf). ## Durham Report Revelations The recently declassified [[Durham Report]] appendix provides explosive new details about [CrowdStrike's role in what appears to be a coordinated disinformation campaign](https://straightlinelogic.com/2021/10/20/indicted-clinton-lawyer-hired-crowdstrike-firm-behind-dubious-russian-hacking-claim-by-aaron-mate/): ### Key Findings: - **[[Hillary Clinton]] personally approved** the plan to link [[Donald Trump]] to Russian hacking to distract from her email server scandal - The plan was approved on **[[July 27, 2016]]**, just days before the [[FBI]] opened [[Crossfire Hurricane]] on [[July 31, 2016]] - [[Durham Report]] documents reveal: **["In absence of direct evidence, Crowdstrike and ThreatConnect will supply the media"](https://www.realclearinvestigations.com/articles/2021/10/19/coming_into_focus_hillarys_secretive_russiagate-flogging_pair_of_super-lawyers_799168.html)** with information This suggests CrowdStrike was knowingly participating in manufacturing a media narrative despite lacking concrete evidence to support their claims. ## Interface with Other Political Operatives ### ThreatConnect Partnership CrowdStrike maintains extensive technical integrations with **ThreatConnect**, which was also mentioned in the [[Durham Report]] appendix as supplying media narratives alongside CrowdStrike. This partnership enabled [automated threat intelligence sharing](https://www.aaronmate.net/p/indicted-clinton-lawyer-hired-crowdstrike) and [joint customer workflows](https://www.dailywire.com/news/democrats-high-powered-attorney-marc-elias-testifies-in-sussmann-trial). ### No Direct Fusion GPS Interface While both organizations worked for the [[Clinton Campaign]] through [[Perkins Coie]], research revealed no direct operational interface between CrowdStrike and [[Fusion GPS]]. They operated on parallel tracks with different functions—[technical attribution versus human intelligence gathering](https://www.realclearinvestigations.com/articles/2020/05/13/hidden_over_2_years_dem_cyber-firms_sworn_testimony_it_had_no_proof_of_russian_hack_of_dnc_123596.html). ## Democratic Campaign and Political Spending Federal Election Commission data reveals **disproportionate spending** by Democratic versus Republican political organizations: ### Democratic Spending (2016-2019): - **Democratic Congressional Campaign Committee**: $553,506 - **Democratic Senatorial Campaign Committee**: $88,667 - **Various Democratic PACs**: $64,337 - **Total Democratic spending**: ~$706,510 ### Republican Spending: - **National Republican Congressional Committee**: $159,614 - **National Republican Senate Committee**: $18,000 - **Total Republican spending**: ~$177,614 Democrats outspent Republicans on CrowdStrike services by approximately **4:1**, suggesting a [preferred vendor relationship with Democratic political operations](https://thegrayzone.com/2021/10/30/crowdstrike-one-of-russiagates-biggest-culprits-ex-house-investigator/amp/). ## Board of Directors and Corporate Governance CrowdStrike's Board of Directors includes nine members: - [[Gerhard Watzinger]] (Chairman, 64) - [[George Kurtz]] (CEO, 54) - [[Roxanne Austin]] (64) - President/CEO Austin Investment Advisors - [[Sameer Gandhi]] (59) - [[Laura Schumacher]] (61) - [[Cary Davis]] (58) - [[Godfrey Sullivan]] (71) - [[Denis O'Leary]] (68) - **[[Johanna Flower]]** (50) ## Corporate Operations and Locations ### Headquarters and Offices - **Primary Headquarters**: 206 E 9th Street, Austin, Texas - **Secondary Operations**: 150 Mathilda Place, Sunnyvale, California - **Global Presence**: [25 offices across North America, Europe, Asia-Pacific, and Middle East](https://threatconnect.com/blog/unlock-enhanced-threat-detection-with-threatconnect-and-crowdstrike/) ### Social Media and Communications CrowdStrike maintains active presence across major platforms: - **LinkedIn**: Primary B2B engagement platform - **Twitter/X**: Crisis communications and corporate updates - **Facebook and Instagram**: Brand awareness and recruitment - **Director of Social Media**: [[Lauren Sanborn]] ([hired January 2025 from Amazon](https://threatconnect.com/wp-content/uploads/2023/10/ThreatConnect-CrowdStrike-Solution-Brief.pdf)) ## Lobbying and Political Influence CrowdStrike significantly increased lobbying expenditures following the July 2024 global IT outage: ### 2024 Lobbying Spending: $800,000 - **DLA Piper**: $140,000 - **Cornerstone Government Affairs**: $240,000 - **Franklin Square Group**: $200,000 - **[Van Scoyoc Associates](https://www.crn.com/slide-shows/security/who-s-spending-more-on-crowdstrike-democrats-vs-republicans)**: $180,000 The company hired high-profile lobbyists including former intelligence officials and congressional staff to manage post-outage damage control and [cybersecurity policy advocacy](https://www.marketscreener.com/quote/stock/CROWDSTRIKE-HOLDINGS-INC-59783691/company-governance/). ## Critical Assessment: Legitimate Business vs. Political Operations ### Legitimate Business Functions CrowdStrike operates a **genuine cybersecurity business** with: - Multi-billion dollar revenue and consistent growth - Thousands of legitimate enterprise customers - Technical innovation in cloud-native endpoint protection - Industry leadership positions in analyst reports - [Real products that provide cybersecurity value to organizations](https://www.crowdstrike.com/en-us/about-us/board-of-directors/) ### Problematic Political Entanglements However, the company's **political operations raise serious concerns**: - **Central role in manufacturing [[Donald Trump]]-Russia narrative** without concrete evidence - **Coordinated with opposition research firm** through same law firm - **Key executives with intelligence backgrounds** who transitioned directly from government to private sector - **Disproportionate relationships with Democratic political operations** - **[Participation in what [[Durham Report]] characterizes as disinformation campaign](https://www.marketscreener.com/quote/stock/CROWDSTRIKE-HOLDINGS-INC-182801129/company-governance/)** ## Quality and Effectiveness Issues Despite its market success, CrowdStrike faces significant criticism regarding actual effectiveness: ### July 2024 Global Outage A faulty CrowdStrike update caused **global IT disruption** affecting 8.5 million Windows devices, grounding flights, disrupting banking, and causing [widespread business interruption](https://www.clay.com/dossier/crowdstrike-headquarters-office-locations). ### Customer Satisfaction Problems - **[Trustpilot rating](https://ir.crowdstrike.com/channels-disclosure)**: 2.3/5 based on customer reviews - **Common complaints**: Poor customer service, technical issues, false alerts - **Quality assurance failures**: [Inadequate testing of rapid response content updates](https://www.linkedin.com/in/laurensanborn) ## Conclusion CrowdStrike represents a **legitimate cybersecurity company that has been weaponized for political purposes**. While the company provides real cybersecurity services and generates substantial revenue, its central role in the 2016 Trump-Russia investigation—now revealed by the [[Durham Report]] to be a coordinated disinformation campaign—demonstrates how private cybersecurity firms can be utilized to manufacture intelligence narratives for political advantage. The company's value lies primarily in its **technical cybersecurity capabilities** rather than any unique innovation. However, its **political entanglements, quality control failures, and role in what appears to be a coordinated disinformation operation** raise serious questions about the intersection of private cybersecurity firms and political intelligence operations. **Key Takeaway**: CrowdStrike is neither purely a legitimate business nor purely a political operation—it is a successful cybersecurity company that allowed itself to be used as a tool in a partisan political campaign, compromising its technical credibility in service of manufacturing a false narrative that dominated American politics for years.