Okay, we're gonna get started. My name is Jonathan Ruykhaver. I cover most of the cyber names at Cantor Fitzgerald. Really pleased to be able to have JFrog today from the company and Ed Grabscheid, CFO, and Jeff Schreiner, who runs IR. So it's been a you know, interesting few weeks. I think you guys probably took it worse than anybody when Anthropic announced Claude Code, which was interesting because it had been in preview for you know, several weeks, so you could go and read how the developers were using it. But you know, the actual headline you know, was I guess available you know, drove your stock down 25%. It's interesting.
We reached out to several customers and were able to talk to one large customer in the telco vertical. I just wanna read this quote because I think it's a good starting point to try to understand how you've differentiated what the value proposition is. But this is what he said. Let me find. Okay, so quote, "LLM reasoning is not enough as it cannot validate trust, it cannot enforce policy, it cannot secure dependencies against scanned binaries or ML models, nor can it do anything around monitoring runtime systems." They basically said they're complementary. It's not a replacement to a broader supply chain platform.
Maybe just, you know, start on that positioning. I think the one nuance that investors struggle with is just, you know, code-level security and binary security, and really kinda dig into how that differentiates JFrog and, you know, why you think it's defensible.
Yeah. Thank you very much for the question, Jonathan. Thank you for the quote as well. Very helpful, I think, for many investors. I think one of the big, I guess, misconceptions and sometimes between investors is the difference of source code and binaries, and that there is a very distinct difference. I think to start in terms of the easiest distinction is that one is deployed into the wild, the binary, and is exposed out into the wild. One is kept very well protected and behind your firewall within the organization and never leaves the firewall.
As it relates to source code security and binary security, what I've tried to do to help investors is to talk about the fact that the announcement, one, I think there was obviously a negative reaction, but maybe a miss on the positive potential of that announcement. Two, I'll start as well with the fact that if you make the assumption that I've secured everything because I've done security in source code, then there wouldn't be a need or high demand for one of the three reasons I buy Advanced Security from JFrog for binary, which is secrets detection, which has been done in source code for over 20 years.
We just found a way that we think that actually helps you because even if I, the developer, say, "Yes, I will in fact go delete this password before I hit compile," if I happen to hit compile, that is now out there in the wild and is available to hackers and very malicious actors. You know, as it relates to kind of, you know, overall binaries and source code, I think as you said, they're very complementary. I've made the comment in other presentations, you may have heard that, you know, listen, we are the plumbing.
JFrog is the plumbing, the infrastructure layer in your house, something that you were very incremental in your deployment with because having to go back on that would have been very painful and having to replace that's not very easy. Now, I'm no plumber. Replacing a kitchen sink is not very easy either, but it's easier than doing the plumbing. I think we've seen just even in the last 15 months, a lot of these tools that are used in source code changes who the leader is, and we wanna continue to integrate with those tools.
As your quote stated, Jonathan, I think the real difference here, and one of the examples I've tried to use from the blog from our CTO that was written the Monday after that I think has really resonated with investors is, would you really like to have your trial if you were unfortunately involved in such a matter, be done with just two lawyers? They'd be continually, "Your motion's denied. No, your motion's denied." No, you're gonna need that lawyer in the courtroom to say, "Okay, Mr. Lawyer, be brilliant, do your thing, but here's the rules of my courtroom, my corporation, and do your thing within those rules." That's where JFrog and what binaries do. We're the governance and enforcement aspect of what the organization wants to happen as code and software is being built.
Yeah. Ed, you wanted to?
Yeah. No, what I was gonna say is you need the judge, not just the lawyer. It's
Yes.
The judge.
Judge. Yeah, sorry.
Yeah.
Too many lawyers.
Too many lawyers.
Not enough judges.
Not enough judges. Yes, yes.
You know, the other thing I'm hearing from users is a team of developers could use 10 different static application or security composition analysis tools. There is still the need for kind of the human review of what those tools are telling you.
Yeah.
Just specifically to, you know, before we put this subject to rest, you know, Xray specifically, I know the adoption has been quite strong with the install base. Can you just clarify where that is? Then, you know, to your point, Ed, you know, you talked about, you know, the Advanced Security portfolio as being kind of more important, especially at the binary level. How that conversion has looked like from Xray, which is the starting point, to the actual security binaries, which is Advanced Security.
Yeah. I'll start, Jeff, if you can fill in. Xray, first of all, that's part of the enterprise application or enterprise platform. It's also part of our Pro X subscription. That's included, that's ground zero in terms of security, and that does scanning capabilities. Once you bring the binary in. Organization that it scans and make sure that there's no malicious packages inside the binary. The security, Advanced Security and Curation is an add-on, so that is a separate product. You have to have Artifactory and you have to be an enterprise customer in order to have Advanced Security or Curation.
Now, what we see today is approximately 3,000 users, JFrog users, and customers that are on, using Xray. That is really our opportunity to go after the add-on for Advanced Security and Curation. Today, we have hundreds of customers that are using it. We haven't given the number exactly, but we have hundreds of customers. You saw the results at the end of Q4. We have 16% of our RPO, 10% of ARR, 7% of our revenue that is coming from security.
We certainly see great momentum coming from our security core products and customers are very pleased with protecting the outside or what we call protecting the castle through Curation, and we saw great momentum in the second half of 2025. We also see this adoption of Advanced Security as point solutions are being replaced and a consolidation from the point solutions to JFrog Advanced Security.
Ed covered a lot. What I would just quickly add is kind of what I've alluded to in my first answer is the fact that let's look at what source code security is trying to do and what maybe even that announcement alluded to. We're gonna make better quality code. Great. If you're making a higher quality code and securing a better quality code, it is more likely that it is going to go into production, and we are going to have then a production binary which needs to be updated, maintained, stored. Versus today, speaking to my team internally that's very quote, "customer forward-facing," it's still the case even as of last week.
We're still working with the agents to get it to do what we want. Build, compile, not good enough, bust. We're creating code and we're creating binaries, but it's not to the same scale of what it would be that when I put a production binary out there, I will have to do several updates to that. That will create additional data transfer and usage. I'll have to store that. I think that's another aspect that announcement, if they're gonna make the golden cup or golden chalice of code and source code great, it doesn't mean that it's over. It's the same thing that we've said that Ed just talked about our Curation product.
In combination with Xray, we're not telling customers that because you have Curation deployed and you have a centralized kind of policy of what's even being brought into the organization, that you should stop using Xray. It's still best practice to continue to use Xray as well. I think there was this conception that I've made it so good on the source code side that I don't have to do any more security functionality after that point, and I think that was maybe a disconnect.
Yeah.
Yeah.
Yeah. You know, there's so much, well I call it misinformation. I've got that, you know, just opinions on where this is all headed. Actually, Elon Musk predicted that AI. You're laughing, you know what I'm going to say. That AI will skip programming languages that humans use to go directly to the X's and O's, the machine readable format. You know, binaries in that example, if it were to come true, would see tremendous growth.
Yeah.
Did you have any thoughts on that? I mean, are you seeing in any customers the opportunity to kind of use these LLM models to go directly to the binary as opposed to starting off with human coding?
I think that we're still understanding agents and wanting to use the agents. I think that that's a very forward-looking idea. I think it could be an idea that could come true as you start to see more of commoditization in the creation of code with the use of agents and what they can build. I don't know that it's anything we've yet heard, Jonathan, in terms of customers looking at that yet, because I still think that they're trying to solve the security, the implementation of agents. Things obviously are moving quickly in this day and age, but, you know, you're right.
I think what that signals is that if we have to then or are able to start then at the binary. I think the importance of that asset will then also significantly increase, and we think that that will bring a lot of attention to JFrog as hopefully the system of record for that AI and for that binary.
Yeah. Yeah, makes sense. I mean, you know, some of the questions I've had from investors is around when will Anthropic, you know, come out with a supply chain platform? Does that actually make economic sense then given all the money that they're having to spend to train models? I mean, is that a use case that can really generate the returns their investors require? You know, I think the bigger point is, you know, security is tough, right? You've got security engineers, you've got this domain knowledge that's taken years to build up the understanding of workflows, and you gotta tag metadata, you know, within the LLM models to be able to control those binaries and provide those guardrails.
It's, you know, to me, I think when, where I sit, when I look at the potential worst case scenario, it would be an Anthropic or an OpenAI, you know, going out and just spending a ton of money upon, you know, a bunch of interesting startups that, you know, could compete with you as opposed to trying to do it internally. Anyway, I'm kind of meandering here.
Yeah.
Let's talk about the Switzerland. To me, it's very important to have, you know, kind of this trust to be independent. I think you've given an example of Anthropic generating a binary that is then used by OpenAI to create another artifact. You know, talk about the implication of that and why that sets you apart from, you know, maybe someone trying to do it within a model foundation.
Well, I think to the gist of your question, Jonathan, I think it's much about that universality that's too integrated to fail. It goes back to the statement that I've been making that in this world, we've seen a very rapid evolution from who the quote-unquote leader or who is the tool of choice today for my AI developing. In that world, we've seen, you know, 15 months ago, Copilot, it was OpenAI. Today, you know, JFrog, we utilize Claude internally to build JFrog as well. I think that having that universality, because we obviously hear from investors as well. What about partnerships? We would love to work with all of these types of native AI or large language model companies.
At the same time, I don't think you can point to one and say, "That's the one you need to work with," because we've already seen a landscape that is rapidly evolving as to who is the tool of choice for shift left in source code. And if you don't have that universality and you make that bet on, let's say, one horse, if that horse isn't the horse that ends up winning, then you don't have that ability to be true to the underlying infrastructure for an organization or software development.
Yeah. Makes sense. Now you have referenced a foundational model provider who's looking to use Artifactory as a control plane for thousands of AI models. Can you just, you know, elaborate on what that looks like? Is it primarily around storage and distribution, or does it also expand into modern monitoring and governance and security?
Yeah. At this stage, it's about storage and distribution. This is a customer that landed with JFrog in Q1. It started off as a self-hosted. Today, it's still a self-hosted, and they took an Enterprise Plus subscription. In Q2, that customer expanded and doubled the ARR, and now today it's over $1 million in terms of ARR. They're using that for the storage of their models and the distribution of their models. They also use it to build their infrastructure as well in terms of updates and deploying those updates. It's a great case. It's a foundational AI customer. We have three of the top five.
We openly speak about one of those, which is NVIDIA. The other two we can't speak about. Of those top five, we speak with all of them. There could be an opportunity in the future to have all five of the foundational AI companies as JFrog customers.
Yeah. Oh, go ahead.
The other two you made, is that from systems or the?
Yes. Today, the other two are using homegrown tools or trying to put together open source. We're, as I mentioned, in discussion with them, hoping to standardize them on JFrog.
I wanted to just touch on Q4. The SaaS revenues grew, revenue grew 42%. You know, you're continuing to see usage, you know, beyond the, you know, committed package. Let's touch on that. From what I understand, overages are priced at a 20%-25% premium to negotiated rates. So that's a pretty, you know, material uptick. Then that, you know, provides an incentive for the customer to come back and you to negotiate, you know, a more favorable rate. But, you know, it certainly has, you know, a positive impact on ARR.
If you just talk about, you know, the type of customer within the install base where you're seeing that behavior, is it isolated to a certain segment or is this broad-based? Then the drivers in terms of, you know, you talked about the PyPI and, you know, the containers and, you know, some of these applications having a bigger memory footprint. You know, what's that dynamic that ultimately drives that higher consumption?
Sure. It's a great question. We actually did 45% year-over-year growth for the year, 42% in the quarter, and we're very pleased with where the cloud growth went on a year-over-year basis. It was an incredible year. We saw something in 2025 that we had not seen in 2024, which was usage over minimum commit. So customers are using. There was a push maybe from management or the board to innovate. Much of that was conventional package types, but we did see this emerging trend coming from native AI package types. So, Hugging Face, Conda, PyPI, these are packages that we know are specific to AI, and we saw a significant increase in those package types throughout the year.
Now, in addition to that, Jonathan, you talked about how. Was it narrow? Was it broad? This was broad-based. It was across every single industry. We penetrate top ten across all industries. We have 80%+ of the Fortune 100, and there was not an industry where we did not see an increase for a customer that was exceeding minimum commitments. It was very positive from that perspective that it wasn't concentrated into one industry, but broad-based. Third was around what we are doing today now to capture those customers that are spending above their minimum commits and converting that to an annual commitment and increasing the minimum commitment, so that way, we have better visibility and clarity around where we're going to guide going forward.
The word, the keyword here is clarity. Many of the customers today do not have clarity around what AI and what their workloads are gonna look like in the future. Therefore, they're willing to spend more than their annual minimum commits and maybe even go into an annual commit rate that's higher than their contractual minimum commit rate. If it's a 20%-25% increase in terms of the data consumption usage, they're willing to do that until they have true clarity. Once they have the clarity, then they're willing to commit with JFrog. We can't go after every single customer. It wouldn't make sense for us to go after every single customer that's spending over their minimum commit.
Certainly, those large customers that have consistent continued use over the minimum commitment, we will certainly have an engaged conversation with those customers. It economically makes sense for them to commit to a larger commitment, annual commitment with JFrog. They get better unit economics. They go into a higher tier or higher usage, and a better tiered pricing, and it becomes a benefit to them. It's also a benefit to JFrog because we have better visibility on our commitments going forward and improves our ability to guide.
Are you at the point where customers have that visibility and they're willing to commit, or is it still very much, "Let's kinda see if this is something that's sustained in terms of how we use JFrog now?"
We had success in 2025 in converting some of those customers. We're still speaking with those customers on a daily basis, and I wouldn't say that there's full clarity at this stage, but I believe that several customers in the future should be able to commit to higher annual commitments with JFrog.
Just remind us also on the guidance philosophy. I think you established this outlook that's based on a floor including any kind of upside potential from these, you know, overages and also large deals. Just update us on that.
Yeah. We actually changed the guidance philosophy mid-2024. There was a cadence of somewhere between 1% and 1.5% beat. Even if I take a step back, I'm stepping into year three as the CFO. I've been with the company seven years. The company has changed. There's been tectonic shifts in the way that this company has shifted and the go-to-market, the size of the deals, the ASPs. We would have, say, three or four years ago, a $200,000 deal was a very big deal for JFrog. But if that deal pushed, it was easy to pull three or four deals that were in the tens of thousands to cover that deal. Today, we have seven and eight-figure deals.
Those deals are a little bit more difficult regardless of how many of those you have in the pipeline to pull earlier into the quarter and close. Therefore, we changed our philosophy. We wanted to be very responsible. We excluded our largest deals. Many of those are deals that either have a migration from self-hosted to cloud or they're taking security. They go through long negotiations that include procurement, maybe even the office of the CFO to sign off, and uncertainty in timing of when those will close, so we exclude those from our guidance. The second piece is the usage over the minimum commit.
We saw heavy usage over minimum commits in 2025. We exclude that, and by doing that, we establish, as you mentioned, a floor. What we guide is a floor. 31% in the midpoint for our cloud is a floor. We would expect that assuming no large deals, no usage over minimum commit, 31% year-over-year growth in the cloud would be very, very reasonable. If we continue to see the trends that we saw in 2025, then there could be meaningful upside to those numbers.
How do you quantify a large deal?
A large deal not necessarily is quantified by a number because that number could change over time by the complexity of the deal. It could be, as I mentioned, a migration from self-hosted to cloud. It could be taking on security. It could be a significant increase driven by usage, and they have to take a commitment on a larger annual package, which could be multiple millions of dollars over a long period of time, say two or three years. The complexity of the deal is really what drives the decision of a de-risk.
Yeah. Let me see. Any questions, Justin?
You know, just out here with John and Corey, you know, sort of introduced some product last week. Like, you've obviously had to, in order to reduce something to look better. How much work was involved in this product? Was this the best, or how do you guys do 30-day turn on that deal? This is sort of, these things have changed so much from a perception to just another 30-day, another 60-day, and people realize, like, what is, like, what do you guys think is around the corner? Like, why don't you show us that this is raw human error that would be here that are actually being developed, and this is happening for a reason.
Yeah.
Yeah.
Why don't I start, Jeff, and then you can fill in with your opinion on this. It's a great question. The question was, how do you change the perception? Every Friday, some new news right at the market close is coming out and we're defending ourselves as AI defendable company. Why are you AI defendable? My job has certainly changed. It's no longer talking about what JFrog is doing so great and the execution that we've done over the past year and probably had the best year in the history. I'm defending JFrog every single day for the last month and a half since we've had our earnings. But that's okay. I don't mind doing that.
There's three things that we thought about on February 20th at 2 P.M. after that news came out. The first was, we created a blog by our CTO and co-founder, which I think really gave good insights around why JFrog is defendable against source code scanning and what JFrog does in the binary. Jeff articulated one point really good, which is you'll have a room of lawyers which are your agents, and those lawyers will argue the case, but you have to have a judge that governs and controls what goes in and out of your organization. You have to be able to go through each of those check gates, and that has to be managed and automated.
It cannot be done by agents. The second is the buyback, which I'm sure we'll talk about. We immediately had a board meeting, and we deployed $300 million of capital to be able to do a buyback. Why would we do that? First of all, we're very fortunate that we drive a significant amount of free cash flow that gives us the opportunity to do this. It also gave us an opportunity where maybe, you know, investors and the market over-rotated based on the fundamentals of the business. We took advantage of that, and we did a $300 million buyback.
The third leg of the stool, so to speak, is gonna have to be execution. The only way to disprove this theory that JFrog is gonna be displaced by the AI labs is to continue to execute. As long as we execute, I think ultimately the market will come back and understand truly that the value is not, or that JFrog is not gonna be replaced, but the value will be a collaboration between the AI labs that are driving efficiency for developers and source code, and the hosting of those binaries and securing, deploying those binaries through a single source of truth or a system of record, and that being JFrog.
I'll just quickly add, I think the thing that I would say is it's always my job, obviously, as CEO, I already get out there and talk with all of you and try to educate you as to how we see things. I think we've done that. I think we'll continue to focus, as Ed said, on our execution. That's what we can control. That being said, I would like to say this, that I think a lot of the argument that's been made is very simplistic in nature, and this is not something you can oversimplify.
Very similar to what started when I was here four years ago with you collectively as an investment group saying that a company that created source code was going to move right and mud stomp us because binaries are nothing, and there was gonna be one platform for them all in an enterprise. One platform for them all is not something that the enterprise is interested in. This is a very oversimplified thing, and I think at this time, instead of oversimplifying things, I think some investors would be very well served to talk to our customers after hearing the quote that Jonathan just gave and understanding that the people that are buying JFrog, how they view this versus what I think is a very much more oversimplified view of what Wall Street's taking today.
Yeah.
We have less than two minutes. Any other questions from the audience? You know, one thing that I think, you know, from my perspective, would be important to demonstrate over the next 12 months is, you know, you talk about, you know, supply chains, the supply chain for software, and then how a lot of those capabilities are relevant to AI models, AI development, and also ML development. And I know it's early in that journey, but anything that you can share as relates to are customers seeing governance control, you know, security, the other controls as they build ML models similarly to how they've developed software? Is that approach starting to resonate with those customers?
Well, I think the governance aspect and the DevOps that we introduced in early September at our user conference swampUP last year in 2025 was very forward-thinking to where we are today. It was the first of its kind product. Again, a pain point that our customers had brought to JFrog to solve a pain point for customers, where today I'm manually keeping these records in Excel spreadsheets or what have you of the gates that have been passed as I build an application to have a record of that to present if something was to go wrong.
This ties into another example I've tried to use in saying that, God forbid I wake up one day and say, "Well, I'm gonna just go ahead and secure my whole software stack with Claude," and then we have a breach, and I can't go into the courtroom and say, "Well, Claude fixed it right here in the chat." Okay, I'm gonna need to have this digital record at every gate and that every gate was passed. Now JFrog is offering our AppTrust solution that we're rolling out to customers this year, and that does the exact thing that we're talking about, the governance layer of keeping a record so that you have every gate stored in that platform for every build.
We think that the customers have had a great response to this, and you heard it even at swampUP from some of our customers talked about the product. I think that's the next opportunity that we can bring to the market to add in terms of products to the platform.
Yep. All right. Well, fantastic. I think that hits our time limit. Ed, Jeff, thank you very much. Thanks everybody for attending.
Thank you, Jonathan.