SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Tom 1
#
Digital Transformation
#
Cloud Security
#
Advanced Persistent Threat Protection

CrowdStrike extends flexible services model to partners

Thu, 26th Mar 2026
Author image
By Joseph Gabriel Lagonsin, News Editor

CrowdStrike has launched Flex for Services and the Zero Dollar Flex Fund, extending its Falcon Flex commercial model into security services.

The new offering targets organisations buying services such as incident response, threat hunting, red teaming, readiness assessments and AI advisory work. Instead of purchasing fixed engagements, customers can draw from a pool of service hours as their needs change.

The model also applies to partners, including system integrators, managed service providers and incident response firms. They can use CrowdStrike's technology and expertise in their own service offerings while giving customers a consumption-based way to buy support.

Partner focus

The launch centres on two related initiatives. Flex for Services is the broader commercial model for CrowdStrike's services portfolio, while the Zero Dollar Flex Fund is an entry offer for qualifying new services customers.

Under the fund, eligible customers can receive 200 hours of CrowdStrike Services with no up-front initiation cost. That includes 160 hours of incident response and 40 hours of proactive services.

Flex for Services operates independently from Falcon platform subscriptions, allowing organisations to buy services under the new model without tying the purchase to a broader software subscription.

CrowdStrike is making the move as security teams face pressure from staffing shortages and rising costs. The company argues that fixed-scope services engagements are less suited to environments where threats and technology deployments change quickly.

Tom Etheridge, Chief Global Services Officer at CrowdStrike, described the approach as a natural extension of the procurement model the company has already promoted in software.

"When a model works, the market follows. Falcon Flex is the blueprint for how modern organisations procure cybersecurity and how vendors now go to market," said Tom Etheridge, Chief Global Services Officer, CrowdStrike.

"Flex for Services extends that model to security services, shifting the consumption model from hours to outcomes. It brings Falcon into more environments and opens new opportunities for our service partners. Innovation doesn't stop at technology," Etheridge said.

Growth model

CrowdStrike linked the services announcement to broader adoption of Falcon Flex, its existing licensing model. In the fourth quarter of fiscal 2026, it reported ending annual recurring revenue cohort of USD $1.69 billion in Flex account value, up more than 120 per cent year on year.

That figure helps explain why CrowdStrike is extending the model into adjacent parts of its business. Security vendors are increasingly looking for ways to deepen customer relationships across software, advisory work and response services rather than selling each element separately.

For partners, the appeal is the ability to package their own services in a way that reflects shifting customer demand. Instead of selling a narrowly defined block of work, they may be able to retain clients for longer as needs move between preparation, testing and response.

The structure is intended to help partners scale delivery and generate repeat business. It also gives CrowdStrike another route into customer environments through third-party service firms that already manage security operations or breach response work.

Kroll, one of the companies working with CrowdStrike services, said the model could change how customers buy specialist support.

"CrowdStrike's technology and cyber expertise are core to the services we deliver to keep our customers safe," said Robb Mayeski, Global Head of CrowdStrike Services, Kroll.

"Flex for Services unlocks greater value for our customers, giving them the flexibility to consume the expert services they need as their risk profiles change, while enabling us to scale our business. This isn't competition, it's collaboration," Mayeski said.

The announcement also reflects a broader shift in cybersecurity buying patterns. Companies are increasingly looking for spending models that can adapt to operational risk, particularly as generative AI tools, autonomous coding systems and expanding data estates create new security demands across large organisations.

By adding services to a flexible commercial framework, CrowdStrike is seeking to make its consulting and response teams part of that shift. The Zero Dollar Flex Fund adds a trial mechanism that lowers the initial cost for new customers and may help the company and its partners attract organisations that have not previously bought CrowdStrike services.

For customers facing a breach or seeking readiness work, the practical detail is straightforward: qualifying new users can access 200 hours of CrowdStrike Services, including 160 hours of incident response and 40 hours of proactive services, with no up-front initiation cost.

Related stories
CIQ launches Linux compliance platform ahead of deadlines
Emerson & OPSWAT strike global reseller deal for OT patching
IWF & Cyacomb launch workplace abuse material scans
Cork Cyber adds automated mapping to Vantage platform
How Atomgate uses education and partnership to drive successful SonicWall upgrades

Top stories

Team Cymru launches Total Insights Feeds for threat data
FIRST conference highlights AI & CVE disclosure push
Protegrity launches AI Team Edition for secure inferencing
OpenAI launches Trusted Access for Cyber with major names
Anthropic launches Claude Opus 4.7 with stronger coding