AI Cybersecurity Stocks – SentinelOne vs. Darktrace

It’s coming up on two years since we visited The World’s Most Elite Cybercrime Fighting Unit in Moscow to learn about just how financially motivated hackers are. More than 90% of all cybercrimes in the world now involve money theft, something America’s energy industry and dead cow industry have come face to face with. Along with an increase in cybercrime comes an increased interest in cybersecurity stocks. Today, we’re going to look at two new entrants to the burgeoning cybersecurity industry – SentinelOne and Darktrace (DARK.L) – both of which use artificial intelligence (AI) as a competitive advantage.

Why AI in Cybersecurity?

Understanding the world of cybersecurity is a challenge for those who work full-time doing nothing but. Still, anyone who remembers those incessant prompts by Norton to “update your antivirus software” can quickly understand the value proposition AI brings to the table. Back in the olden days, viruses were recognized by pre-defined patterns. If you didn’t have the most up-to-date list of patterns, your machine wouldn’t recognize when the bad man came a-knockin’. Today, it’s all about recognizing problems immediately as they’re first being manifested. This is often referred to as handling a “zero-day attack.”

A “zero-day attack” exploits a weakness within a piece of software or application that is either unknown, or for which a patch has not yet been released.

Credit: Darktrace

The reason AI works so well for cybersecurity applications is because of Rumsfeld’s “unknown unknowns.” It’s impossible to predict the next way hacking groups plan to infiltrate your enterprise, but you can bet AI algorithms will spot the problems quicker than humans will. DeepMind’s latest flavor of artificial general intelligence (AGI), MuZero, is now able to “create winning strategies in unknown environments without knowing the rules.” Atari games today, your enterprise tomorrow. AI is the future of cybersecurity, and that’s why the biggest cybersecurity companies out there – who are developing their own AI solutions – are paying close attention to SentinelOne.

About SentinelOne Stock

Click for company website

We first came across SentinelOne back in 2017 in our piece on 4 AI Cybersecurity Startups Using Predictive Analytics” noting they were emerging as a leader in AI cybersecurity startups. After taking in nearly $700 million in funding, the company has now filed for an initial public offering (IPO). (Their last funding round was a $267 million Series F that closed in November 2020.) Retail investors can soon buy shares in “the world’s first purpose-built AI-powered extended detection and response, or XDR, platform.”

SentinelOne considers CrowdStrike (CRWD) to be “their main competitor,” so that gives you some clue as to what they do. Both of these companies offer distributed AI models that run locally on every endpoint, and in the cloud for every cloud workload, to watch out for bad things. (An endpoint simply refers to a computer, laptop, or any other device that is at the “end” of a company’s IT infrastructure.) Here’s the top half of the “Gartner 2021 Magic Quadrant for Endpoint Protection Platforms” which shows Microsoft (MSFT) and CrowdStrike as two leaders dueling it out, while SentinelOne watches from below.

Credit: Gartner

We like Gartner quadrants because they show us who is competing in any particular space. With a market cap of nearly $2 trillion, Microsoft has a lot of resources and existing channels they can use to sell endpoint solutions, yet CrowdStrike has come out of nowhere to achieve 40X the valuation they were four years ago and emerge as one of the biggest cybersecurity companies out there.

Getting back to SentinelOne, their S-1 filing document describes a software-as-aservice (SaaS) business that’s enjoying steady growth with more than 4,700 customers. The nice thing about SaaS businesses is that they all use similar metrics, one being “annualized recurring revenue” or ARR. This number represents how much money a company would bring in annually if nothing else changed (no new customers, every existing customer renewed, no price changes, no cancels, etc.).

Credit: Nanalyze

With 70% of SentinelOne’s revenues coming from inside the United States, there’s lots of room for international expansion. Today, a $28 billion total addressable market (TAM), and by 2024, $40 billion. The platform’s appeal will probably stand up well to economic turmoil, given it can show companies a return on investment (ROI) in just months. Some of that ROI comes from doing more with less.

With the cybersecurity market growing like wildfire, there’s an estimated three million empty requisitions for cybersecurity professionals. The shortage is further aggravated by the large number of security solutions that companies have deployed over time, many of which generate large volumes of alerts that security teams have to sift through and make sense of. SentinelOne helps cybersecurity professionals make sense of all that noise, and so does our next company.

About Darktrace Stock

Click for company website

We first wrote about Darktrace four years ago in a piece titled “Darktrace Creates Enterprise Immune System Using AI.” Today, they’re a publicly traded company with a $3.3 billion market cap after their IPO which began trading in April 2021. The first sentence of their offering document puts AI front and center. “Darktrace is a world leading provider of AI for the enterprise, with the first at scale deployment of AI in cyber security,” says the company, noting that 74% of Darktrace’s trial deployments in 2020 detected serious vulnerabilities that quite often evaded other defenses.

Giving a customer a demo and highlighting their inadequacies is an extremely effective method of selling. Also called “proof of value,” it’s similar to how KnowBe4 sells their security awareness solution. The Darktrace sales team are all PhD types – poor, hungry, and determined – energetic graduate hires from top universities with strong academic qualifications. And their approach seems to be working, as the company closes in on $200 million in annual revenues, 65% of which are captured through direct sales.

Credit: Nanalyze

Substantially all of Darktrace’s revenues are derived from subscription-based contracts with an average duration of three years. The group currently serves over 4,700 customers in over 100 countries with a geographical revenue breakdown as follows:

  • U.K. – 18.1%
  • Europe ex-U.K. – 20.5%
  • North America – 39.4%
  • Rest of World – 22%

What all these customers are buying is a closed-loop cybersecurity solution that uses sensors placed in a customer’s technology environment. These sensors can be delivered virtually (in software) or physically (using an appliance) and are commonly used in combination. Once the algorithms understand your organization, they will then autonomously detect, investigate, and respond to threats. That word “autonomous” is what every CIO likes to hear because it helps address the aforementioned shortage of cyber professionals by augmenting human cyber security teams.” Darktrace says using AI reduces triaging time by up to 92% while automatically writing reports in executive-friendly language.

The Darktrace platform extends to the workplace (the Enterprise Immune System) and the factory floor (the Industrial Immune System), and it’s this ability to navigate unknown environments with ease that makes AI such a good fit for cybersecurity applications.

SentinelOne Stock vs. Darktrace Stock

We’ve already made the decision to get our cybersecurity exposure from an ETF instead of trying to cherry-pick a winning cybersecurity stock from the dozens out there. Still, we’d like to arrive at some conclusion here. If we had to pick one of these stocks, which one would we invest in?

Brits vs Yanks

While both companies dabble in the same field with about the same number of customers, a big difference between the two is that one trades in the U.K., and the other trades in ‘Murica. We’ve talked before about how U.K.-traded tech firms don’t enjoy the premiums of their American counterparts (cough, Blue Prism, cough).

While companies complain that U.K.-traded tech firms don’t get the love they deserve, we think that’s a good thing for investors. Would you prefer to buy the same exact stock on a U.S. exchange and pay a premium for that privilege? The other side would argue that valuation is all about perception, but here’s why we prefer U.K. listings to U.S. listings.

  • We always prefer to buy companies at a discount whenever possible
  • We enjoy the currency and country diversification that comes with buying foreign-traded assets
  • We like having protection from the hype-driven U.S. markets where the ARK effect can move swaths of tech stocks at a moment’s notice

If you buy a U.K.-tech stock, just be prepared for those “we can’t understand why it trades so cheap” comments that will make you question your decision constantly. It’s at times like these that you should capitalize on the buying opportunity and add more shares.

A Simple Valuation Ratio

In order to see how much of a discount we’re getting by dabbling in a U.K.-listed stock, we can quickly check our simple valuation ratio – market cap / annualized revenues – for both companies. Since SentinelOne isn’t publicly traded yet, we’ll use the CB Insights unicorn farm valuation of $3.1 billion.

  • Darktrace – $3.3 billion / 0.199 billion (2020 revenues) = 16.7
  • SentinelOne – $3.1 billion / 0.149 billion (Last quarter revenues * 4) = 20.8

Of course, SentinelOne probably won’t be going public at a valuation of $3 billion. Several months ago, the rumors were that SentinelOne would go public at a $10 billion valuation – a valuation ratio of 67. We can compare that number to the three biggest cybersecurity companies out there (a higher valuation ratio reflects higher expectations of future growth).

  • Palo Alto Networks – $34.4 billion / $4.29 billion (Last quarter revenues * 4) = 8
  • CrowdStrike – $48 billion / $1.06 billion (Last quarter revenues * 4) = 45
  • Fortinet – $37 billion / $2.84 billion (Last quarter revenues * 4) = 13

These valuation ratios are mainly useful to compare companies of a similar ilk. We generally view a ratio above 40 as being too rich, no matter what future growth expectations are. We’ll need to wait and see what terms SentinelOne sets forth for their IPO, but we’d definitely be avoiding it at a market cap of $6.7 billion or higher (at $6.7 billion, SentinelOne and CrowdStrike would share roughly the same valuation). Even if SentinelOne was “cheaper,” we always prefer a leader over a laggard. (For risk-averse investors, bigger is always better.) As Warren Buffet said, “it’s far better to buy a wonderful company at a fair price than a fair company at a wonderful price.”

Burning Benjamins

We largely avoid talking about profitability because all that can come later. Right now, we’re interested in how quickly market share is being captured via revenue growth. Still, we couldn’t help but notice that one company is burning a lot more cash than the other – and there are some obvious trends. Here’s the direction Darktrace is moving towards (you need to read that from right to left – heaven knows why):

Credit: Darktrace

And here’s where SentinelOne is heading (now read from left to right – the way it’s supposed to be).

Credit: SentinelOne

As people with extremely good eyesight can see, SentinelOne is burning more and more cash every quarter. This is relevant for several reasons. First, we’re risk-averse investors who believe the market is defying explanation in the face of an economically devastating pandemic. Should there be a proper recession, cash will be harder to come by (SPACs are the epitome of how easy cash is to access today with equity crowdfunding a runner-up). Second, firms often sell shares when they need to raise money which dilutes existing shareholders, most of whom don’t notice this dilutive effect over time.

SentinelOne burned through almost as much cash last quarter ($61 million) as Darktrace did over the last two years combined ($63 million). It’s another reason we think Darktrace is the better of the two for investors wanting to invest in AI cybersecurity.


We’re getting to the end of talking about AI in cybersecurity. That’s because there’s now an expectation that if you’re providing any sort of effective cybersecurity solution, it will be using AI. Companies that pay lip service to AI by coating their investor decks with buzzwords will soon realize that the real thing is stealing market share because it’s so effective and efficient.

Are we going to finally open a position in the Global X Cybersecurity ETF? Or did we go all hero-or-zero on CrowdStrike? Become a Nanalyze Premium subscriber and find out.