October 2022 Portfolio Review

Total Return: -56.7% YTD (-38.0% vs S&P)

TheStockNovice

Oct 31, 2022

Last year our portfolio went trick-or-treating as Mike Myers…

This year it went as Michael Myers…

Big difference. 😒

2022 Results:

October Portfolio and Results:

2022 Monthly Allocations:

Key:

darker green: started during month
lighter green: added during month
yellow: trimmed during month
blue: bought and sold during month
red: position exits
positions >10% in bold

Past recaps:

December 2018 (the one that got things started)

December 2019 (contains links to all 2019 monthly reports)

December 2020 (contains links to all 2020 monthly reports)

December 2021 (contains links to all 2021 monthly report)

Stock Comments:

Earnings season for our portfolio starts in earnest with BILL, DDOG, NET, and TMDX all reporting November 3 (Strictly Business subscribers received more detailed pre-earnings thoughts here). Tech company reports thus far have mostly been mixed, which only seems fitting for 2022. Below is our holdings’ most recent news entering the fray.

BILL 0.00%↑ – Bill released some fairly significant October news by dropping the ".com" from its name:

We’ve dropped the .com. BILL is rooted in our heritage. When our CEO, René Lacerte, founded the company, he wanted the name to reflect our support for both people that bill, and those that pay bills. Evolving our name to BILL is simple, and it’s also how we are often referred to colloquially. Making this shift now feels right…We’re modernizing the look and feel of our brand to create a more engaging experience, and to honor and celebrate the contribution of SMBs to our communities and economies.

The link is worth the quick scan for shareholders. I’ve always thought “bill.com” a simple, effective name. Management seems to be shooting for even simpler: any bill, any format, any time. Just how big a deal is this? Well, not nearly as big to me as revenue, transaction volume, and customer count will be when BILL reports November 3. I appreciate management staying on message though.

CRWD 0.00%↑ – CrowdStrike sprinkled some interesting tidbits this month. First was a blog entry detailing how it helps government agencies meet recent CISA (Cybersecurity and Infrastructure Security Agency) guidelines for protecting unclassified assets. The post walks readers through CRWD’s risk discovery, endpoint protection, and observability capabilities. It also notes CrowdStrike’s FedRAMP authorizations, meaning its platform can immediately protect and benefit government agencies. With plenty of federal cybersecurity spend on tap, it’s encouraging to see CRWD aggressively pursuing it.

CrowdStrike also expanded its relationship with consulting giant Ernst & Young. The new arrangement adds CrowdStrike Cloud Security and Falcon LogScale to the existing list of Ernst & Young services, increasing the number of modules available through this partner channel.

The last update was a detailed interview with CEO George Kurtz. In it Kurtz discusses the strategy allowing CRWD to jump from $1B in annual recurring revenue to $2B in just 18 months. He reemphasized the company’s goal of leveraging its endpoint protection dominance into an end-to-end security platform. As the article states, “at a time when cybersecurity teams are looking to consolidate on fewer vendors and short on the staff needed to operate tools, CrowdStrike's approach is increasingly resonating with customers.” The article articulates CRWD’s potential very well and is worth the read for anyone considering or owning it.

DDOG 0.00%↑ – In early October Datadog launched a formal certification program for developers. This certificate “signals to peers and employers that they have proficiency in the industry's leading observability platform and have demonstrated the ability to apply that knowledge.” It is a testament to Datadog’s popularity developers might see value in letting others know they are proficient on its platform.

This was followed by DDOG’s mid-month Dash customer conference. Unsurprisingly, the event highlighted several updates including:

General release of Datadog Continuous Testing helping developers create, manage, and run end-to-end testing on web applications.
Achieving PCI (Payment Card Industry) compliance for log management and application performance. This means Datadog now meets key security standards for customers accepting, transmitting, or processing electronic payments.
A new Cloud Cost Management product for customers to observe, track, and manage cloud spend for their data.
General availability of Datadog Cloud Security Management to monitor, alert, and manage cloud incidents in a single platform. This product should appeal to current customers wanting to streamline services or avoid piecing together multiple solutions.

Datadog provided a complete list of all the new features can here. I must admit though much of it is a little too dense for me to follow. Luckily, there’s a plain English recap over at Software Stack Investing (SSI). Browsing both it is clear Datadog is focused on innovating in a way which should further endear it with customers. We’ll find out how much current love it’s seeing when it reports November 3.

NET 0.00%↑ – Cloudflare’s first update was a post detailing the 36 – yes, thirty six! – announcements from Birthday Week in late September. The link clearly and cleanly summarizes the dozens of enhancements released during the event. And if you dug SSI’s Datadog write up, you can head right back over for the plain English recap of Birthday Week as well. In fact, Software Stack Investing and hhhypergrowth.com are two of the best places around for dumbing down technobabble in a way simpletons like myself can follow along.

NET also continues its "Zero Trust, Zero Nonsense" roadshow. The event highlights Cloudflare’s capabilities in:

Augmenting (or replacing) a VPN: Provide simple, secure access to resources and maintain a great employee experience, while mitigating risk of lateral movement—a favorite hacker and ransomware tactic.
Streamlining SaaS security: Empower IT with the visibility and controls of SaaS apps and email they deserve to better care for their employees, catching shadow IT, misconfigurations, and business email compromise before it spirals out of control.
Strengthening threat and data protection: Keep your data safe against modern threats starting with simple DNS filtering, then extending Zero Trust principles to the Internet and email with remote browser isolation.

The remaining dates and locations for the roadshow are here.

As usual, Cloudflare gave us a lot to consider. Our next business update is November 3 earnings. I’m expecting a typical Cloudflare report.

S 0.00%↑ – SentinelOne’s October was quite busy. First, it expanded integrations for email, compliance, and cloud protection with some of its Singularity Marketplace partners. Next, it received some third-party recognition by winning Frost & Sullivan’s 2022 Global Customer Value Award. This award recognizes companies creating clear value for customers through criteria like:

Financial Performance
Operational Efficiency
Growth Potential
Price/Performance Value
Customer Purchase Experience
Customer Ownership Experience
Customer Service Experience
Brand Equity

Later SentinelOne strengthened relationships with Google-owned Mandiant and TELMEX Scitum, Mexico’s leading cybersecurity firm. I’d consider both sizable wins for such a relatively small firm.

Lastly, S launched WatchTower Vital Signs Report to better present “an accurate profile of cybersecurity posture and controls” for companies seeking cyber insurance. The extra details in WatchTower let security firms and underwriters streamline the risk assessment process for cybersecurity coverage. That sounds like a handy add-on.

If nothing else, SentinelOne has established an impressively steady cadence of upgrade and partnership announcements these last few months. Our next earnings update isn’t likely until late November or early December. In the meantime, I see nothing at all wrong with the crumbs we’ve been getting to tide us over.

SNOW – Early October saw Snowflake announce its 2023 Startup Challenge. The competition is open to any early-stage startup with less than $5M in funding using Snowflake as a core component. The prize pool includes up to $1M for the three finalists with the winner eligible for $500K. The 2022 Challenge drew hundreds of registrants from 70+ countries, and Snowflake hopes for an even bigger turnout this time around. With the venture capital market rapidly tightening, I’d have to think SNOW will see considerable interest in this event.

Next Snowflake Ventures announced an investment in TV advertising firm OpenAP. OpenAP uses SNOW’s Global Data Clean Room to share private, anonymized data for advertisers seeking more targeted campaigns. Snowflake is the first non-media firm with an ownership stake joining Fox, NBCUniversal, Paramount, and Warner Bros Discovery. This looks like a good move given management’s previous comments about the rapid growth of media-related data on its platform. Being we also own The Trade Desk, I’m curious to see where this one goes. In theory the move to a more open advertising environment should benefit everyone involved.

SNOW finished by achieving HITRUST r2 certification for healthcare data. This means Snowflake now meets key requirements for securely handling healthcare and life sciences data. With the healthcare vertical already one of Snowflake’s largest, this lets it stay “at the forefront of industry best practices for information risk management and compliance.” Good to know.

TMDX 0.00%↑ – All quiet on the TransMedics front. Hopefully, that’s simply because it has been grinding away to meet all that excess demand mentioned last quarter. Earnings November 3. Fingers crossed.

TTD 0.00%↑ – The Trade Desk kicked things off with an October 4 Investor Day (presentation here). Unsurprisingly, there was plenty of time spent on the growth of streaming TV and the move of advertisers away from closed environments like Google and Facebook.

CEO Jeff Green followed with a CNBC appearance discussing the state of digital advertising. If you haven’t heard the gospel of Green before, it’s worth a listen. His message was clear: while advertising faces the same short-term pressure as other corporate spend, the underlying market continues to move TTD’s way. It only needs to keep executing on the opportunity. We’ll hear more about that execution when The Trade Desk reports November 9.

ZS – ZScaler saw a fairly significant management change to start the month when President Amit Sinha resigned to take a CEO position with a privately-held firm. Losing brain power is always tough, but it’s not as if ZScaler’s CEO spot was opening any time soon. The good news is Sinha remains on the Board of Directors which appears to suggest an amicable parting. Anyone previously reporting to Sinha falls under CEO Jay Chaudry for now. It’s TBD if we’ll see any further shuffling.

Later ZScaler announced upgrades making it faster and simpler for customers to protect data. The release calls it a set of “industry-first” features providing:

Expedited Deployment Cycles with Zero Configuration DLP: Utilizing the scale of the world’s largest security cloud that processes 170 million files per day, the new zero configuration DLP capabilities auto classify all organizational data, thereby accelerating the deployment of data protection programs.
Mitigated Security Risks by Unifying Data Protection Across all Channels: The addition of endpoint, and email data protection capabilities adds to the existing support of web, SaaS, IaaS, PaaS and private apps. This removes the need for point products, decreasing security risks and management complexity by unifying policies across channels.
Simplified Operations through Automated Workflows: Advanced closed-loop incident management delivers actionable insights and automates workflows to respond to potential security risks in a timely and effective manner.

At first glance these look more like platform enhancements than new products to monetize. However, there’s nothing wrong with strengthening an already strong platform in the very competitive cybersecurity space.

My current watch list…

…includes Enphase (ENPH), Gitlab (GTLB), monday.com (MNDY), MongoDB (MDB), and ZoomInfo (ZI).

Full disclosure I added a ~1.5% slug of ENPH on the pullback to $248.50 shortly before October 25’s Q3 earnings. I thought the report was solid and liked the guide, but the beat was only 0.3% after 2.0% in Q2 and 0.7% in Q1. While guiding so accurately is somewhat admirable, that’s not much wiggle room for outperformance. Will ENPH’s European business momentum continue as gas reserves fill up and recent warm weather spurs hope of a mild winter? Will its supply chains remain clear with increased demand? Will the additional production capacity scheduled for Q1 arrive on time? That’s all a bit too muddled for my liking right now. With the potentially lumpy nature of this business and so little feel for where next quarter’s initial FY23 guide might go, I decided to pocket the post-earnings pop at $298.50 and go back into watch-and-learn mode. I just don’t understand Enphase well enough yet to feel comfortable giving it a significant allocation. I do like the business though and can easily see myself owning it again as we gain more clarity.

And there you have it.

Welp, ten months down and two to go. At this point there’s not much to do except put your head down and keep plugging away. For November (in the US anyway) that means watching earnings, casting your vote, raking the leaves, and most importantly remembering to wear an elastic waistband on Thanksgiving 😉.

Thanks for reading, and I hope everyone has a great month.