All right, I'd like to welcome everyone this afternoon to our SwampUP 2023 Analyst Investor event. Thank you very much for all of you coming out and attending. I'm gonna have to start off with the typical legalese in terms of forward-looking statements, and then pass it over to our panel here. Leading the event today is going to be JFrog's CEO and co-founder, Shlomi Ben Haim, CTO and co-founder, Yoav Landman, and Jacob Shulman, JFrog's CFO. During this event, we may make statements related to our business that are forward-looking under federal securities laws and are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements related to our future financial performance. The words anticipate, believe, continue, estimate, expect, intend, will, and similar expressions are intended to identify forward-looking statements or similar indications of future expectations.
You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today and not as of any subsequent date. Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from expectations. For a discussion of material risks and other important factors that could affect our actual results, please refer to our Form 10-K for the year ended December 31st, 2022, filed with the SEC on February 9th, 2023, which is available on the investor relations section of our website.
For additional information, you may find that available in our 10-Q for the quarter ended June 30, 2023, and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures may be discussed at this presentation. These non-GAAP financial measures, which are used as a measure of JFrog's financial performance, should be considered in addition to, not as a substitute for, or in isolation from, GAAP measures. With that, I'd like to turn it over to JFrog's CEO, Shlomi Ben Haim.
Well, thank you, Jeff, and thank you, everyone. Thank you. Thank you. Thank you, everyone, that joined us here in swampUP, San Jose, and thank you for everyone that joined via the Zoom call. We, as you know, and as we promised, as we committed, were working very, very hard to take over the full, entire 360 software supply chain management. Today, our keynote included some of the releases that I think you can hear among all the customers that are here for our swampUP user conference. I will just take a few moments to go over what was announced today. Together with me, Yoav Landman, our co-founder and CTO, that can answer technical questions, and Jacob Shulman, our CFO, which you well know, that can take all the financial questions. Let's just go over it.
Well, boy, we have some interesting announcement today. Let's start with the static analysis scanners and the coverage for source code scanners. SAS is an addition to our JFrog Advanced Security that was announced in the cloud version in last October, on-prem version on March. We've realized that the entry point to this kind of service, the service that protect the software supply chain from the inside out, starts left to Artifactory, coming all the way from the source code. And developers are expecting to have this kind of protection on their machine, not even on a server-side level.
So, we added static analysis with a very strong integration to the development environment, that now can scan your source code as part of the JFrog Advanced Security, which you well know, that comes with secret detection, contextual analysis, infrastructure as code, and other solutions. The second announcement on the security category was JFrog Catalog, and this is almost natural for JFrog to build a Wikipedia or as we said on stage, the Google search of binaries, or the LinkedIn of binaries. Call it whatever you want. This is how our customers call it, because this information is already in our hand.
In a way, what happened today is that JFrog is not only being the single source of truth for a lot of companies, but also became the data supervisor, the data hoster of all the binaries and the software packages that you bring from outside and that you create and build inside. JFrog Catalog provide you with all the information you need to know about a certain binary, and it comes together with JFrog Curation, which was announced in July, last July, just a few weeks ago, in order to automate not only the detection of malicious code or CVEs, but also to remediate and to set policies together with JFrog Curation. One very important piece of announcement that was included today was in the landscape of AI and MLOps.
And I know that you guys are hearing all type of announcements in this field because of, obviously the hype. But for us it was just the next logical step. And if you remember, during the earnings call, we already said AI models, MLOps models, are yet another form of binary. So our customers and our users, the technologists of the world, expect us to support it natively in JFrog Platform. So what we added and announced today is a native support to Hugging Face, the most popular AI public hub, public repository. And now you can cache pub Hugging Face to Artifactory, and to have Artifactory not only as your Docker registry or Java registry or Python registry, but also your AI models that are coming from the open source community from Hugging Face.
This is being done automatically with the remote repository capabilities of JFrog, now natively. The second thing that was demonstrate and announced on stage was how Artifactory is managing these models. By the way, not just the models that you bring from outside, and not just the models themselves, but everything and every metadata that need to come with it, and every model and training models that need to come with it, how Artifactory will manage it for the organization as a single source of truth. Now, remember, who are the people that are building AI in your organization? It's the Python developers, it's the data scientists. These are the AI engineers. They already use Artifactory.
They already use Artifactory with PyPI, they already use Artifactory with Conda and CRAN, and now Artifactory becomes their single source of record also for AI models, whether they were bought from Hugging Face or built inside the organization. The last piece of this announcement was the Xray enforcement on these models. It's not good enough to build an AI registry. Yes, we are the first and only local repository in the world, and we are very honored to be there. It's not enough. A complete solution comes with DevOps and security. DevOps and security means that if your company's policy says that it's not allowed to bring an AI model with the license that is violating your policy, Xray should block it.
The automatic proxy and caching of Artifactory means nothing if you cannot apply the security policy on these AI models, malicious models, some known CVEs that you don't want to bring inside, versions of models that are not maintained, that you don't want to bring inside. The comprehensive solution, the authentic solution, the zero fluff solution that we released today, is now in the hand of our customers, so they can not only support the developers, the engineers, the data scientists of the organization, but also Gen AI initiatives in the organization. I want to touch the release lifecycle management, and that was shared on stage as well, because this is a combination of what we call the one world, a harmonized world of DevOps and DevSecOps.
There is no way, there is no way that in today's pace, when your developers releasing so many times a day software, there is no way that you can be secured if you are not cryptonized and if you are not signing the process. What you have at the beginning might be changed 5,000 times along the different quality gate, and you need to make sure that if it was changed, then you know about it. And if you don't want it to. You are signing it and cryptonizing it, and you are doing it in an automated way. It's not manual, but you have all the records and all, the information that you need to add on top of the binaries. We announced today, release lifecycle management in addition to our, JFrog Platform and the DevOps, solution.
This is coming from the field. This is a request that we got from the field in high scale. When you have multiple releases a day, you want to have different quality gates that certify every release that comes out. Let's see if I didn't forget anything. The last thing is Curation. Curation is kind of in the JFrog life; it's kind of old news because it was announced just a month ago. But Curation is a big thing. And I'm telling you, it's a big thing, not only because of the fact that it was announced again today on stage, but because of the fact that on July 18th, we announced it, and we already have paying customers. How many security tools you know in the field that in less than a month, out there in GA, are already in production?
And you know why? Because it's a real pain solver. Curation is the binaries firewall that you put in front of your organization. This is an outside-in solution to make sure that your company policies are enforced even before, even before software packages, open source software packages are coming into the organization. And what Curation can help you do? Whether you take binaries from Maven Central, Docker Hub, NPM, or other repositories, and as you know, our philosophy is all about universality. What Curation can do, Curation can actually set a policy that automatically will block malicious packages, unwanted versions, unwanted licenses from even getting into your organization from the get-go. So if you want to kind of picture the full comprehensive software secure software supply chain security, you have JFrog Advanced Security and Xray from the inside out, protecting the development environment.
You have Curation from the outside in, and, we are very, very proud of the team. It's been almost two years since we acquired Vdoo. This team worked under the radar with the strongest research team, that built a very strong database and a very strong, tools and technology that is based on our customers' feedback. And I'm very much expecting, to see these results also being translated, to business as we guided and predicted with you. Thank you.
All right, we'll open up Q&A now. So if you have a question, if you could just raise your hand, I'll bring the mic over to you, and we'll get the question asked.
Sanjit Singh, Morgan Stanley. Shlomi, that was a great overview of all of the announcements today. It sounds like the innovation engine is quite healthy at JFrog. I guess the main question I have, and kind of like the multimillion dollar question is: Where is the category going? 'Cause it seems like there's two trends at play. There's one, the software release cycle moving on-prem to the cloud, number one, and then two, we're on the dawn of a new compute cycle, and how your customers are thinking about that. Then essentially, the debate is, are they going to reconstitute their software release cycle as it is today in the cloud, or are they going to consolidate, and if they are gonna consolidate, with whom?
I'd just love to get your latest view on those background secular trends and where, where you think the category is going from that consolidation perspective.
Thank you, Sanjit, for the question. We speak about a category, but I think that the evolvement is kind of mixing or merging few categories together. Not so long ago, DevOps was a category, and Security was a different category, and nobody argued today that it's on the same plate as a task. We are speaking about source code management for so long, and you see now that software supply chain management is all about binaries. Well, not all about, but 90% of it is about binaries. We're speaking about software supply chain, but then, there is a new category that's rising up very fast, which is MLOps and AI. So I think that we should be focused on the end in mind. What is the end in mind? In my world, the end in mind is continuous update of software.
And we said it in the S-1 when we went public, and it became a reality now. And the only way to have a continuous update flow all the way to the edge, all the way to the devices, and this is the race that companies have between them and their competitive landscape and between them and the hackers. The only way to have a continuous update software supply chain machine is to be focused on the binary. So I think that what we will see in the next coming years is that more and more companies will fine-tune the way they secure the software supply chain, because what they have today keeps them vulnerable.
We will see more automation stepping in, and more automation will enable more machine involvement in the process, and we will see more regulation, because, to be completely honest, there is so many areas that are not yet covered with the required regulation of how you secure, of how you release, and how you bring in AI that is required. Yoav and Jacob, if you-
Yeah, I can add to it. So the cloud is definitely happening, and that's a trend that's accelerating. But I think regardless of what deployment looks like, whether it's on-prem, whether it's on-prem in the cloud, like you manage the software yourself, or maybe it's a, w e see that a lot with JFrog, we have, like, factories that get software deployed in them. The main concern that we'll see customers focused about is the trust in their releases. And what we spoke about today, this release-first approach, is really how customers thinking about software. They have a software release that they need full visibility, very similar to traditional industries, to how this release was created.
They need control points along the way so that they can inject this trust, and they can give you this full visibility to the history of the release. You can think about it like the car industry. You have a car, you know exactly which vendor created every component. If something is faulty, you can do a recall. It's the same. Source is another very important part of the chain. But it's only part of the chain. It's part of the process. You have the part, the phases where you consume output from external sources, like input, sorry, like third-party components or open source component, that make up more than 90% of your application. Then you package your release, you're testing it together with the work of other people in the organization, and you bundle it, and you distribute it.
All those steps, and of course, you scan it for security issues, all those steps, they require proofs, very similar to traditional industries, and that's what we're seeing customers going to.
Even, even on the runtime, like if you want to run something in Brazil, we have customers that are actually attaching this evidence that says, "It's fine, you can deploy this release in Brazil." And the runtime will reject if it's not there. So it's around creating this end-to-end trust.
Hey, guys, you have Mike Cikos here from Needham. So two questions, and thanks for doing this, right? The first question I have, Shlomi, great to hear on the adoption and already having paying customers for Curation. The question on that becomes, for those initial customers, are they coming up for renewal? Are they skewing more heavily towards a specific end market? Like, what are you seeing for those customers who are adopting Curation? And then the second, I know this is just brass tacks here, but just want to get a better sense and make sure I properly understand how you're monetizing all these announcements today. Like, are some of these included in existing packages, or some of these new SKUs, which are gonna require an additional attach on behalf of the customer? Thank you.
Yes, thank you, Mike. So regarding the Curation customers we have already, these are Artifactory users that surprisingly not security people. These are the combination of DevOps and DevSecOps guys and not the traditional security people, and mainly because of the fact that Curation is very easy to be adopt by the developers. They want to know two things: A, we are not bringing something we shouldn't, and B, if we are being blocked, tell us why. And the combination of Curation and Catalog provides that. The reason that we build Curation on top of the JFrog Platform is mainly because of the fact that, again, the value is in the holistic solution, not just the standalone solution.
Although, one of these customers that we are speaking about is a new logo that came to JFrog because of Curation. Regarding the second question of how we are planning to monetize that, JFrog Advanced Security and JFrog Curation are tier two and tier three in JFrog holistic security solution. Tier one is Xray Essential, which, as you know, comes with a DevOps subscription. Tier two, JFrog Advanced Security, six different capabilities. Today, we added static analysis, bundled together, consolidate together, very appealing to CIOs and CSOs because of this consolidation and alignment with the platform. But this is an add-on on top of the subscription, and you pay by seat for JFrog Advanced Security. Tier three, JFrog Curation, comes and as an additional add-on that is also by seat, by contributor, by developer contributing seats.
JFrog Curation is also another layer that you can add. So basically, if you want to think about monetization, first, there is the easy way of thinking about expanding with the customers from DevOps to DevOps plus JaS, to DevOps plus Curation. And there is another thing that we start seeing, customers that are using only Artifactory with a Pro subscription, customers that are using only Pro X Artifactory and Xray, start to upgrade to Enterprise Xray and Enterprise Plus, which by definition, with a base fee that is higher than the lower subscription. So we see those two trends. It's too easy.
This is why, in a very responsible way, we guided you that in 2023, this will not be material, but I'm sure that what we'll see in 2024 is a breakthrough of JFrog Security, setting the standard in the market.
Thanks. Sebastien Naji from William Blair. Two questions from me as well. The first is, it seems clear that your differentiation in DevSecOps is your not only visibility into the binaries, but also your control of those binaries. Is there a quantitative way to think about that benefit? Like, how do you sell that to customers, how do we sell that to investors? That, you know, y ou catch 55% more vulnerabilities or something like that with that visibility and control of the binaries. That's part one. Then part two is just around the MLOps monetization potential. It sounds like a lot of those binaries are magnitudes larger than your traditional application. What's the potential uplift or expansion to just core Artifactory usage as a result of more applications becoming GenAI-enabled?
Yeah, very good two questions, Sebastian. Regarding the first question, binaries are asset that is growing in multiple languages, and it's the only asset, or not the only, but it's the most popular asset that is also available by the community. Nobody build anymore from scratch. You bring software packages, and you build your own. I don't have the data to tell you how every repository is growing, but what Hugging Face, for example, published regarding their growth with number of models, or what we see in Docker Hub, or what we see in NPM, shows us that the number of binaries in the world are growing in the order of magnitude. JFrog being the single source of record for organization is, although we are already more than 10 years in the market, this is a new concept.
Because your single source of record, not necessarily was your binary, but what happened is that the world start to be driven by data and binaries are coming with the data. So most of our customers, when they need to automate something, when they need to operate something, they don't just need the software package, they also need the data that comes with it. So I think that you will see this transition happening, and, and you see it now happening more rapidly because of automation and AI. But this transition from managing source code to managing binary, it's happening, it's a fact, and it will make JFrog even more mission-critical, even more the center of gravity, because, as you said, we already control the binaries, so now we are just secure them or release them or deploy them. Regarding, the second question.
I'm sorry, I'm cut off. Can you remind me?
Yeah. It's, it's just the ability to monetize the MLOps opportunity-
The MLOps, yes. Thank you.
Given the much larger dependencies.
Thank you. I'm so excited about what we have to speak about that, cutting my line of thought. MLOps, what is it, Sebastian? What is... Everybody's speaking about it. Everybody's speaking about it, but we have over 7,000 customers. The majority of the Fortune 100 are a customer of JFrog, and if you go and ask them, they will say, "We have to invest in it." They will say, "We have to get into it." And then you ask them: "Okay, so how do you manage AI initiatives in your organization?" And you get all type of question.
So it's too early to say how you will monetize AI, but I will tell you right here, right now, if Artifactory is the first repository in the world to support Hugging Face proxy, to support management of your AI model, and by the size of these binaries, which are bigger than the regular binaries, you look at different storage and different needs and different scalability that Artifactory provide and other registries cannot provide, I think that it would be another package that will become very popular, and the standard maker will become JFrog. So it will bring new customers, and it will bring our customers to expand their solution with the JFrog platform.
So I want to expand on your first question about control. Since we are the hub in the organization for all the software components of the organization and now machine learning, too, it's very easy for us to apply control centrally, and security professionals just love it because for them, if they want to. So for today, even without Curation, you can block downloads of artifacts that were not scanned yet by Xray, so that can be a central rule. Now, with Curation, you can completely stop them at the perimeter, and I'm not sure how many of you saw the keynote, but for the developer, it's transparent. They don't have to set up anything in their pipeline. It's just, t his is part of their service they're using now.
If they are blocked, they will get the input. Like Shlomi said, it's really critical to maintain the productivity and longevity of development. But you apply these controls in the center, on the hub, and it's just very easy to apply security that way. That's what security professionals love so much, that they don't have to get the collaboration of the teams that they need to secure.
Hey, thank you. Excuse me. Miller Jump from Truist Securities. So two questions for me as well. I guess, first one, just when we saw that graphic during the keynote that broke out the different stages with kind of binary versus code space, you know, it seems like the announcements today and recently with Curation are actually moving you into the code space where you haven't been as much before. I guess, first question is just: is that something that, you know, has been on your roadmap for a while, or is there something that's causing you to shift there now? And I guess maybe, you know, do you expect to do more there in the future?
Second part of the question, just again, along the lines of all the product announcements that you've made, obviously, you all announced some long-term targets, as far as your operating model and revenue growth. You know, I would imagine these products were already on the roadmap when you made those announcements. Are those baked into current growth or would those be additional to the targets you laid out earlier?
So maybe I can start with the first question about the shift left. So we announced our expansion left in two major areas. One is the curate, and the other one is the create, where developers are actually writing their code. On the curate, it's actually binaries all the way. It's about closing the gate on bad components that can get which are binaries. These are binary packages the developers are using. So the dependencies, the packages that your developers are consuming, these are binaries, and this is a critical step, which is even before you start writing the first line of code, you kind of say which external libraries you require. So that's on the curate phase. On the create, we are practical.
We know that fixing stuff as much on the left as you can is cheaper, it's easier. There are plenty of researches and evidence about why it can be more efficient. But the nice thing is that we're applying the same set of rules and giving you a same a single pane of glass for all those checks. So you have one place to see all your security findings across the different stages. And also, we have this connection between the source and the release and the binary that were created from the source, which I don't think any other platform provides to this. We have a holistic view, and we really want to cover all bases.
We want to close the loop, including to the runtime, and give you this full holistic view, which customers need.
I will address the long-term question, a long-term model question. Absolutely right. Some of these products were already released, were in final stages of launches when we provided more details about our long-term model. If you recall, that we noted three major growth drivers for the long term. One was the platform adoption, second was the SaaS migration and transition, and third, security. All of these announcements fall into these three categories, and therefore, were included in our model.
Hey, guys, Koji Ikeda from Bank of America. Thanks for taking the questions. I got two, and the first one is a follow-up to an earlier question. Shlomi, I think you mentioned that a new logo came to JFrog because of Curation. I guess, you know, what caused that? What was maybe the pain point that that customer was coming to? And could Curation become, you know, more of a common land for customers out there? And maybe even some of the newer products announced today, you know, maybe the trusted ML model management, could this be a land-type product in the future? First question, and then the second question is about kind of the sales organization and the sales strategy.
So, you know, your opening remarks, clearly, the lines between Dev and SecO ps are blurring, and you add AI and ML as an accelerant there. Are you guys finding that the lines between the buyers within these organizations, between the dev and the sec and the ops organizations, are those lines blurring? And if they are, how is JFrog attacking that evolving buyer? Thank you.
Thank you, Koji. Regarding new logos coming in because of the new capabilities, obviously, that's something that we are very excited about. I don't think that we will see new logos coming just because of Curation, but when Curation comes on top of Artifactory and Xray, that's a completely different value that you get from a software supply chain platform. Now, you look at the landscape, and you ask yourself, "Okay, who else gives me these capabilities, not only to become my single source of record, but also to protect my organization from the inside and from the outside?" There is zero. And we have this full pack for our customers, and to be honest, and, and I'm saying it in the most humble way I can, I'm not surprised. Curation came to JFrog from the field.
Our customers told us, "You are the single source of truth for our binaries. Can you make sure that unwanted binaries will not get in?" So the moment we announced that, even in the beta version of it, when we test the waters with Curation, we already saw the excitement. So yes, I think that we will see new customers. One of the reasons, also going back to Mike's question, one of the reasons that Curation only comes with Enterprise X or Enterprise Plus is because of the fact that we want you to have the full experience and not just have an add-on supporting your binaries firewall. The second question, second question about the sales motion, the sales team, and what we see in the field.
JFrog today support six different persona, and the main reason for that is the transition that we see and the evolvement that we see, and the evolution that we see internally, is a mirror of what we see externally. The CIOs and the CSOs are becoming one. I was a bit surprised when, a year ago, in every meeting that we spoke about security, I saw both of them coming in. Today, I'm not surprised to see that most of the big organizations are talking about unification of this role, because CIO must have some security capabilities. This cannot be an outside organization. They are too fast for the security to catch up with them.
The second thing that we see is that Product Managers are now starting to be part of, of the people who speak with us, because if you support a big car manufacturer that, is telling you not by the amount of releases, how good you are, by, but by the amount of cars that are going out from the manufacturer, then the Product Manager is the one that owns that. And, and I think we will see more and more, personas kind of, chiming into the JFrog platform. AI will, for sure, introduce us to, a larger group of data scientists that not natively use JFrog today. I, I can think about other communities, but this evolution inside JFrog is, mirroring what happened outside of JFrog Security and DevOps, becoming one.
Releases, including also the product managers from the get-go, and we see more and more developers from different communities kind of checking in to the platform. By the way, this is also not new. We saw it in the past. We started, all of you remember, with Java, and then it went to .NET and C++ and containers and RPM and 30 different technologies.
Thank you for taking-
It's working.
Thank you for taking our question. It was a really lively event. This is Yi Fu Lee with Cantor Fitzgerald in for Jonathan Ruykhaver. Maybe start with Shlomi. If I have to ask a pick your favorite child question, right? You know, you have your SAST catalog, MLOps release life cycle and Curation, right? You launched today, right? What do you think is going to be the major upside opportunity in the near term, medium term, and long term? Start with that, and then I have a follow-up for Jacob on the financial side.
Well, first of all, let's take Catalog out of the list, because Catalog is offered. We are the binaries people. We own your binaries, we own the binaries of the world. We provide it as a service. It's like LinkedIn or Wikipedia, but on top of it, we are building all type of services. For example, if you want to automate everything that's in Catalog, Curation will do it for you. So on the security side, in the enterprise, and let's also be honest about another thing. I don't see a five-developer shop or a 20-developer shop taking the full JFrog Platform with JFrog Advanced Security and with JFrog Curation. It's just overshooting, and this is why we built our enterprise sales team, our strategic sales team.
They know how to go and to expand our landscape within the customer's portfolio. But on the security side, we see a lot of excitement about secret detection, which is one capability of JFrog Advanced Security. We see a lot of excitement about the release of static analysis, what we announced today. And on inside, it's a different type of excitement. It doesn't just come from security, it's also come from developers. Unlike just that, they always have to bring the security guys. Curation, it's part of the DevOps budget so far.
Just Advanced Security.
Just Advanced Security.
Yeah.
And, I think that, as I said, it's too early to see, but the main driver, if you ask yourself, what is the trigger? Why security companies should be worried now? They should be worried because, not because of the fact that JFrog brought a new technology to the market, but because of the fact that the threat is different now, and the hacker is going after another door that is open for him, and the developers that became a target are a target because of the binaries that they left in the public hub or in the runtime environment, or in ChatGPT, they told them to do something, and you don't even know that your developer used it building the code.
Makes sense. Thanks for the color on that, Shlomi, and then follow up on maybe Koji's question on the go-to-market. So now you have all these products, right? Jacob, does it mean that you need to make more investments, on, like, sales folks, R&D folks, or is that already embedded? And anything on the messaging, like, just because you have 5, 6 new products, right, right now, anything different you need to do on the messaging? And that's for Shlomi.
Yes. So on the go-to-market investment, first of all, we started investing into our top-down capabilities several years ago by building the strategic team, completely creating different market collateral for the C-level, which is different from the messaging, different from developer, enhancing our support and professional services capabilities, et cetera. Specifically with security, we built also overlay team that enables our existing sales force that involved in marquee deals that also working with our marketing organization and market education. So all of those investments have already been done. And what we'll have to do is obviously to scale those functions, right?
As we continue to grow, as contribution from security will continue to grow, we'll enable more and more of our salespeople, and we'll expand those efforts, but initial investment has already been made.
And if I may add to it, today, for the first time ever, we also held JFrog Partners Day. And you've been hearing from us about third parties that are now boosting our sales and expanding our sales force. It was the first time ever in JFrog history that we held the JFrog Partners Day, and it included resellers, all the clouds, and also all the technology companies that we are integrating with and do some co-sales with them. This is also something that our CRO is developing alongside the strategic team and the top-down mechanism, because we know that by geography and by technology and by post-sale mechanism, we have to use some partners to expand our footprint.
We've got time for one last question.
Great. Thank you. So I was just gonna ask about the new partner program that you announced in the inaugural Partner Day yesterday. So could you talk a little bit about what went into the structure there? It seems to be a little bit less commitment, lower barrier to entry for those partners. And then also noticed the government component of that. So, any opportunity for that to kind of accelerate your federal business there? Thank you.
Two very important element into it. Our SVP of Partners and Alliances that joined us a bit more than a year ago, and part of our CRO organization, came with a methodology that completely changed the way we thought about partnership. And instead of putting the barrier on how much you bring and how big the customer is, she was aligned with what built JFrog? What was it that scaled JFrog? JFrog scaled because we started with getting in with a repository and grew up to be multimillion deals in some of our customers. And we built this relationship with our trusted partners now.
Almost 100 people were here yesterday, and we know that if we will set the bar too high, it will shrink the amount of partners that we want to work with, and we want to spread JFrog everywhere. So we are going aggressively after the market, and therefore, we are happy to collaborate with what we call a partnership in a box. Easy to initiate, easy to use, less bureaucracy, and focusing on the three dimensions: happy partner, happy vendor, happy customer. If we have that, we will expand together. The second thing regarding government, alongside the efforts that we invest in the different certification now, every company now have a completely different certification from Iron Bank, it moved to Cista, to move to FedRAMP, and so on.
So, alongside the effort that we are doing on the JFrog side, from the inside out, we started to work part of this partner program, also bring government expert. That already got us to some government and highly regulated agencies, and we will keep investing in it.
All right, Shlomi, if you'd like to provide any closing remarks before we wrap it up today?
Yes. We have a philosophy in JFrog that what we announce on stage is ready to use. It's not a plan, it's not going after a hype, it's not catching the headline. It's something that our users are stepping out, and they see it in the boot, and they go and they download or start their cloud account with it. We are very excited about it, and we also know that we are driving a change. We are driving a change in the world, and it's, y ou know, three years ago, when we went public, it was almost like speaking Hebrew with you when we spoke about binaries. That's the future, and I'm so honored, and I'm so happy.
What you saw today, being released for the first time in the world, not just the, the AI and the ML, but also all the security tools and the release bundle tools, it's. We are capable to do so because we are focusing on one asset, and in this asset, I'll promise you that we will be the best company to provide the solution. So may JFrog be with all of you, and thank you for joining us.
Thank you, everyone, for joining.