Q3 2025 JFrog Ltd Earnings Call

November 6, 2025

Our remarks, we will host a question and answer session.

If he would like to ask a question. Please raise your hand, if you have dialed into todays call. Please press star nine to raise your hand and star six on mute.

I will now hand, the conference over to Jeffrey Schreiner head of Investor Relations. Jeffrey. Please go ahead.

Thank you Nicole good afternoon, and thank you for joining us as we review <unk> third quarter 2025 financial results, which were announced following the market close today via press release, leading the call today will be Jay <unk>, CEO and co founder Shlomi Bighorn and grab side Shaffer our CFO.

During this call we may make statements related to our business that are forward looking under federal Securities laws and are made pursuant to the safe Harbor provisions of the private Securities Litigation Reform Act of 1095, including statements related to our future financial performance, including our outlook for the full year of 2025. The words anticipate believe continue.

Estimate expect intend will and similar expressions are intended to identify forward looking statements or similar indications of future expectations. You are cautioned not to place undue reliance on these forward looking statements, which reflect our views only as of today and not as of any subsequent date. Please keep in mind that we are not obligating.

To revise or publicly release the results of any revision to these forward looking statements in light of new information or future events.

These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from expectations for a discussion of material risks and other important factors that could affect our actual results. Please refer to our Form 10-K for the year ended December 31, 2024, which is available on the Investor Relations section of our website and the earnings press.

Release issued earlier today.

Additional information will be made available in our Form 10-Q for the quarter ended September 32025, and other filings and reports that we may file from time to time with the SEC.

Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as a measure of <unk> performance should be considered in addition to not as a substitute for or in isolation from GAAP measures. Please refer to the tables in our earnings release for a reconciliation of those measures to their most <unk>.

Record comparable GAAP financial measures a replay of this call will be available on the <unk> Investor Relations website for a limited time with that I'd like to turn the call over to Jay for our CEO Shlomi bin Hi, Shlomi.

Thank you Jeff Good afternoon, and thank you all for joining Nicole <unk>.

<unk> focus as a foundational platform and system of record for software delivery continues to drive momentum in our business and I'm pleased to report another solid quarter across all metrics.

Our execution remains focused our investments remains strategic and our customers continue to tell us we are helping them to meet the demands of the fast changing technology market.

In Q3, <unk> total revenue was $136 9 million.

Up 26% deal with it.

Our operating margin was 18, 7% in the quarter, demonstrating our ongoing discipline between expenses and strategic investments.

Cloud revenue for Q3, equaled $63 4 million representing.

Representing 50% there will be goals.

We experienced another strong quarter of cloud revenue growth driven by increased usage of conventional software packages and ongoing increases in usage of artefacts such as by Pi Docker containers, NPM and models coming from hugging face for AI and <unk>.

<unk> learnings.

Our go to market teams are executing on a clear strategy of guiding cloud customers with usage overages towards higher annual commitments in order to build stronger partnerships and drive predictable long term value for customers and for April.

Our enterprise sales motion has continued to bear fruit with greater than 1 million customers growing to 71 compared to 46 in the year ago period, equaling, 54% growth <unk> <unk>.

Customers spending more than $100000 annually grew to 1121 compared to 966 in the year ago period, equaling, 16% year over year goals.

In Q3, our four trailing quarter net dollar retention was 118% demonstrating sustained growth among our customers base driven by strong cloud usage and fueled by our holistic software supply chain security offering Ed will further discuss net dollar retention.

Later in the call.

Now, let me spotlight Q3's wins, including cloud and security and discuss <unk> AI and machine learning development.

First addressing our cloud growth in Q3.

Our ongoing growth in the cloud is supported by two vessels our expertise in managing customers binaries as they scale alongside AI generated artifact and our observation of emerging trends in AI software package volume.

We believe Q3s cloud performance reinforces how customers view, the <unk> platform and RT factory at the core of their operations.

<unk> is already positioned as the universal binary repository to manage all software artifact.

Coming the model registry of the software supply chain.

As software continues to be created at an ever growing pace by both humans and machines. The volume of artifact rises demanding not just intelligent storage, but the robust binary delivery system and a single reliable system of record.

As bill delivery pace increases our customers are adopting hybrid fitful purpose cloud strategies for the emerging AI workloads.

Tell us they value clouds elasticity for AI adoption and deployment, but to remain flexible in their approach due to the unpredictable compute cost advising us that it's still too early for them to go all in on the public cloud.

Meanwhile, the volume of AI, driven packages as rising fueled by our having faced integration and native support for ml models, Docker NPM Ipi and other key components demanded by AI.

We continue to monitor cloud adoption and AI driven usage closely and believe it is still too early to bet on significant cloud usage growth.

Our hybrid and multi cloud offerings differentiate J frog and uniquely position us to capture expansion due to AI.

<unk> in the cloud or on Prem delivering unmatched software supply chain holistic platform capabilities and deployment flexibility.

Next to security.

In Q3 again, we saw some of <unk> largest customers wins, including new logos and significant multiyear contracts.

Any of these deals included J bogs holistic security solutions, such as Jay for Curation, and Jay Prague Advanced security.

We experience with customers purchasing behavior across multiple verticals and geographies. For example, we closed a three year deal with the United Kingdom's Customs and revenue agency with a <unk> of $9 million.

In a similar mode at key U S. Federal agency chose <unk> to shift flipped with <unk> security solutions and protect the software supply chain and 2000 developers with an enterprise class subscription <unk> advanced security and Jay population as the open source software package firewall.

Good.

In North America, our enterprise focus drove the closing of a net new customer deal with a TCE of more than 4 million four one of the world's top energy Corporation.

It was seeking to modernize and standardized software supply chain security and processes for the 3500 developers choosing the core <unk> platform with <unk> security solutions in the cloud.

This example wins give us confidence that the future of the software supply chain security and software governance market is being written not buy point solutions, but by holistic system of record that incorporate binary management and end to end security consolidated into a single platform.

Operator: Thanks, call. After today's prepared remarks, we will host a question-and-answer session. If you would like to ask a question, please raise your hand. If you have dialed into today's call, please press star nine to raise your hand and star six to unmute. I will now hand the conference over to Jeffrey Schreiner, Head of Investor Relations. Jeffrey, please go ahead.

And protect those software supply chain in 2000 developers with an enterprise class subscription <unk> advanced security and Jay population is the open source software package firewall.

In North America, our enterprise focus drove the closing of a net new customer deal with a TCE of more than 4 million four one of the world's top energy corporations that were seeking.

Our unified platform is a growing requirement as companies have seen software supply chain attacks increases significantly over the past few.

Jeffrey Schreiner: Thank you, Nicole. Good afternoon, and thank you for joining us as we review JFrog's third quarter 2025 financial results, which were announced following the market close today via press release. Leading the call today will be JFrog's CEO and co-founder, Shlomi Haim, and Ed Grabscheid, JFrog CFO. During this call, we may make statements related to our business that are forward-looking under federal securities laws and are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements related to our future financial performance, including our outlook for the full year of 2025. The words anticipate, believe, continue, estimate, expect, intend, will, and similar expressions are intended to identify forward-looking statements or similar indications of future expectations.

Seeking to modernize and standardized software supply chain security and processes for the 3500 developers choosing the core <unk> platform with <unk> security solutions in the cloud.

These effects have become more sophisticated targeting build pipelines AI and machine learning software supply chain and exploiting the liabilities and software binaries.

Recent NPM.

This example wins give us confidence that the future of the software supply chain security and software governance market is being written not buy point solutions, but by holistic system, a freckled that incorporate binary management and end to end security consolidated into a single platform.

And MCP attacks show hackers I'll keep keeping pace with technology, but our security research team and the <unk> solution has been praised by our customers for protecting them from this recent potentially devastating attacks.

Our cyber security lead at a Fortune 50 American company noted to US following the NPM attack.

Our unified platform is a growing requirement as companies have seen software supply chain attacks increases significantly over the past year.

Our <unk> deployment.

Jeffrey Schreiner: You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today, not as of any subsequent date. Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from expectations. For discussion of material risks and other important factors that could affect our actual results, please refer to our Form 10-K for the year ended 31 December 2024, which is available on the Investor Relations section of our website, and the earnings press release issued earlier today.

<unk> has become more sophisticated targeting build pipelines AI and machine learning software supply chain and exploiting the nobility is in software binaries.

A very effective and efficient supply chain protection, we were able to shut down recent provider attacks in mere minutes once discovered and the control has proven 100% successful theme and quote.

Recent NPM.

<unk> and MCP attacks show hackers are keep keeping pace with technology, but our security research team and the <unk> solution has been praised by our customers for protecting them from this recent potentially devastating attacks.

Nothing fuels is small than our customers feedback and we are committed to safeguarding the sort of supply chain and aiming to ensure digital trust across the software package lifecycle.

Hackers are targeting software supply chain there.

Our cyber security lead at a Fortune 50 American company noted to US following the NPM attack.

I know the binaries software packages containers and AI models are gateways into our customers' runtime environment.

Jeffrey Schreiner: Additional information will be made available in our Form 10-Q for the quarter ended 30 September 2025, and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as a measure of JFrog's performance, should be considered in addition to, not as a substitute for, or in isolation from, GAAP measures. Please refer to the tables in our earnings release for a reconciliation of those measures to their most directly comparable GAAP financial measures. A replay of this call will be available on the JFrog Investor Relations website for a limited time. With that, I'd like to turn the call over to JFrog CEO, Shlomi Haim. Shlomi.

Our <unk> deployment.

This is now a real threat to every organization.

They're very effective and efficient supply chain protection, we were able to shut down recent provider attacks in mere minutes once discovered and the control has proven 100% successful theme and quote.

Without strong protection for your software supply chain and binaries Youll remain exposed.

And Thats not a question of if but when.

While one quarter doesn't define the consumption trend Q3's adoption of <unk> security solutions give us cautious optimism for border long term momentum.

Nothing fuels is small than our customers feedback and we are committed to safeguarding the software supply chain and aiming to ensure digital trust across the software package lifecycle.

Now to AI and machine learning.

We continue to gain traction in the market as the model registry providers and are being positioned as a system of record for AI delivery validated by some of the world's leading AI companies in fact, Justin Boitano VP of enterprise AI at Nvidia noted at the <unk>.

Hackers are targeting software supply chain.

No the binaries software packages containers and AI models are gateways into our customers' runtime environment.

Shlomi Haim: Thank you, Jeff. Good afternoon, and thank you all for joining the call. JFrog's focus as a foundational platform and system of record for software delivery continues to drive momentum in our business, and I'm pleased to report another solid quarter across all metrics. Our execution remains focused, our investment remains strategic, and our customers continue to tell us we are helping them to meet the demands of a fast-changing technology market. In Q3, JFrog's total revenue was $136.9 million, up 26% year-over-year. Our operating margin was 18.7% in the quarter, demonstrating our ongoing discipline between expenses and strategic investments. Cloud revenue for Q3 equaled $63.4 million, representing 50% year-over-year growth.

This is now a real threat to every organization.

Without strong protection for your software supply chain and binaries Youll remain exposed.

<unk> annual user conference swamp up in mid September the <unk> enables enterprises to securely build manage and scale AI agents. The next generation of intelligent software from development to production growth.

That's not a question of if but when.

While one quarter doesn't define our consumption trend Q3's adoption of <unk> security solutions give us cautious optimism for border long term momentum.

AI ages are the next wave of enterprise innovation.

Now to AI and machine learning.

But they are also the newest and most critical software artifact to secure this is no longer just about models, it's about industrializing intelligent autonomous agents.

By integrating with Nvidia AI enterprise and streamlining deployment onto AI factories, J frog is delivering the essential pipeline to rapidly secure manage and scale. This AI agents from development straight into production and quote.

Shlomi Haim: We experienced another strong quarter of cloud revenue growth, driven by increased usage of conventional software packages, and ongoing increases in usage of artifacts such as PyPI, Docker containers, NPM, and models coming from Hugging Face for AI and machine learning. Our go-to-market teams are executing on a clear strategy of guiding cloud customers with usage overages toward higher annual commitments in order to build stronger partnerships and drive predictable, long-term value for customers and for JFrog. Our enterprise sales motions continue to bear fruit, with greater than $1 million customers growing to 71 compared to 46 in the year-ago period, equaling 54% growth year-over-year. Customers spending more than $100,000 annually grew to 1,121 compared to 966 in the year-ago period, equaling 16% year-over-year growth.

Moving throughout 2025, J Prague has embraced the AI revolution, focusing on what we believe we do best driving the next standouts in the market as the single source of tools for AI software packages.

AI agents are the next wave of enterprise innovation.

There are also the newest and most critical software artifact to secure this is no longer just about models, it's about industrializing intelligent.

We integrated <unk> into the <unk> platform and following data scientists and developers to build test experiment and deliberate tested models into production, we launched our MCP.

<unk> agents.

Alongside ground breaking MCP security research.

Redefining how developers in AIA agents interact with the software delivery platform.

In addition, we introduced AI catalog and new add ons to Jay fluctuation designed to secure and govern both third party and internally developed AI models, ensuring the safe compliant and in line with company policies for responsible views.

Moving throughout 2025, <unk> has embraced the AI revolution, focusing on what we believe we do best driving the next standouts in the market as the single source of tools for AI software packages.

Shlomi Haim: In Q3, our fourth trailing quarter net dollar retention was 118%, demonstrating sustained growth among our customers' base, driven by strong cloud usage, and fueled by our holistic software supply chain security offering. Ed will further discuss net dollar retention later in the call. Now, let me spotlight Q3's wins, including cloud and security, and discuss JFrog's AI and machine learning developments. First, addressing our cloud growth in Q3. Our ongoing growth in the cloud is supported by two vectors: our expertise in managing customers' binaries as they scale alongside AI-generated artifacts, and our observation of emerging trends in AI software package volume. We believe Q3's cloud performance reinforces how customers view the JFrog platform and Artifactory at the core of their operations. JFrog is already positioned as the universal binary repository to manage all software artifacts, and is becoming the model registry of their software supply chain.

Most of the organization.

We integrated <unk> into the <unk> platform and following data scientists and developers to build test experiment and deliver trusted models into production.

Our next generation of offerings in ml, and AI as well as our Dev ops and security products were highlighted for customers and analysts at swamp up in Q3.

We launched our MCP server alongside groundbreaking MCP security research.

Every <unk> welcomes customers prospects and partners to our Swamp conference at key industry gathering for Dev ops that pickups and <unk> users. This year <unk> innovations, we're front and center with banks holding solutions for customers.

Redefining how developers in AIA agents interact with their software delivery platform.

In addition, we introduced AI catalog and you add on to Jay fluctuation designed to secure and govern both third party and internally developed AI models, ensuring the safe compliant and in line with company policies for responsible views across.

On stage, we announced a new way for companies to govern and trust the application with an innovative product J pop up trust.

Loss of the organization.

<unk> joined full day opening keynote by Nvidia service now Github and sonar to showcase our partnerships in an industry first Deb Gov up solution.

Our next generation of offerings in ml, and AI as well as our Dev ops and security products were highlighted for customers and analysts at swamp up in Q3.

They have golf ops bring software development security and GLC groups together focusing on once again, the key asset of any company to softer binary.

Every year <unk> welcomes customers prospects and partners to our Swamp conference at key industry gathering for Dev Ops Dev hiccups in the MLR apps users. This year <unk> innovations, we're front and center with paint holding solutions for customers.

As the complexity and the award of software increases the requirements of security compliance and governance put pressure on development teams.

Shlomi Haim: As software continues to be created at an ever-growing pace by both humans and machines, the volume of artifacts rises, demanding not just intelligent storage, but a robust binary delivery system and a single reliable system of record. As their delivery pace increases, our customers are adopting hybrid, fit-for-purpose cloud strategies for their emerging AI workloads. They tell us they value cloud's elasticity for AI adoption and deployment, but remain flexible in their approach due to the unpredictable compute cost, advising us that it's still too early for them to go all in on the public cloud. Meanwhile, the volume of AI-driven packages is rising, fueled by our Hugging Face integration and native support for ML models, Docker, NPM, PyPI, and other key components demanded by AI.

On stage, we announced a new way for companies to govern and trust the application with an innovative product J Paul Upthrust.

They need to really fast and often combined with high regulation.

Automation and collection of evidence such as quality testing or security results to keep software flowing with confidence.

We will join for the opening keynote by Nvidia service now Github and sonar to showcase our partnerships in an industry first Deb golf ops solution.

With the new J for Amtrust product companies will now have an automated way across platforms to manage governance as they deliver software faster than ever before.

They have golf ops bring software development security and GLC groups together focusing on once again, the key asset of any company the softer binary.

True to our vision of cross industry collaboration and our commitment to build solutions that are integrated to fail Upthrust was launched in partnership with service now as the IC op system, a freckled with J product as the system of record for the software supply chain in the world of fraud.

As the complexity and the award of software increases the requirements of security compliance and governance put pressure on development teams.

They need to release fast and often combined with high regulation requires automation and collection of evidence such as quality testing or security results to keep software flowing with confidence.

All three party general manager I TSM at service now.

The future of software built by developers and AI agents must include automated governance.

Shlomi Haim: We continue to monitor cloud adoption and AI-driven usage closely and believe it is still too early to bet on significant cloud usage growth. Our hybrid and multi-cloud offerings differentiate JFrog and uniquely position us to capture expansion due to AI, whether in the cloud or on-prem, delivering unmatched software supply chain holistic platform capabilities and deployment flexibility. Next, to security. In Q3, again, we saw some of JFrog's largest customers' wins, including new logos and significant multi-year contracts. Many of these deals included JFrog's holistic security solutions, such as JFrog Curation and JFrog Advanced Security. We experienced this customer's purchasing behavior across multiple verticals and geographies. For example, we closed a three-year deal with the United Kingdom's Customs and Revenue Agency with a TCV of $9 million.

Achievable only through evidence based quality data and systems.

With the new J for Amtrust product companies will now have an automated way across platforms to manage governance as they deliver software faster than ever before.

<unk> is paving the way to make that vision a reality.

In security, we further showcase new abilities to secure developer extensions of the plug ins developers use indoor environments.

True to our vision of cross industry collaboration and our commitment to build solutions that are integrated to face up to US was launched in partnership with service now as the system of record with J fog as the system of record for the software supply chain in the awards of fraud.

This is a different type of supply chain attack and jimbo customers can now protect developer extensions. In addition to those software assets.

We also launched agenda remediation capabilities and demonstrated onstage how J pop solutions use AI agents to detect vulnerabilities in source code identifier remediation methods <unk> contextual path to fix problems and even protect against similar vulnerability.

All three party general manager at TSM at service now.

The future of software built by developers and AI agents must include automated governance.

Achievable only through evidence based quality data and systems.

<unk> is paving the way to make that vision a reality.

The future first through our co pilot integration and soon available for other code assistance.

In security, we further showcase new abilities to secure developer extensions or the plug ins developers use in their environments.

Finally, we introduced J book fly the world's first agenda repository re imagining software supply chain management in the era of AI.

This is a different type of supply chain attack and GMO customers can now protect developer extensions. In addition to those software assets.

Shlomi Haim: In a similar move, a key US federal agency chose JFrog to shift left with JFrog Security Solutions and protect their software supply chain and 2,000 developers with an Enterprise Plus subscription, JFrog Advanced Security, and JFrog Curation as their open-source software package firewall. In North America, our enterprise focus drove the closing of a net new customer deal with a TCV of more than $4 million for one of the world's top energy corporations. They were seeking to modernize and standardize software supply chain security and processes for their 3,500 developers, choosing the core JFrog platform with JFrog Security Solutions in the cloud. These example wins gave us confidence that the future of the software supply chain security and software governance market is being written not by point solutions, but by a holistic system of record that incorporates binary management and end-to-end security, consolidated into a single platform.

We Jay Mcfly AI agents become co builders alongside developers orchestrating artifacts seamlessly across the entire software lifecycle.

We also launched agenda remediation capabilities and demonstrated onstage how <unk> solutions use AI agents to detect vulnerabilities in source code identify remediation methods <unk> contextual path to fix problems and even protect against similar vulnerability in.

This allows developers to focus on what matters, most delivering software to production faster at scale and without friction small teams now enjoy a zero hassle AI driven experience tightly integrated with Github and native AI tools like cursor Claude code and get up co pilot.

The future first through our detailed co pilot integration and soon available for other causes system.

J pop flies agenda capabilities will be shared with selected users, giving developers the teams the opportunity to experience AI assistant software creation and delivery. These capabilities are planned for full integration into the <unk> platform powering our customers in the new era of it.

Finally, we introduced J book fly the world's first agenda repository re imagining software supply chain management in the era of AI.

With Jay Mcfly, AI agents become co builders alongside developers orchestrating artifacts seamlessly across the entire software lifecycle.

Diligent automated software supply chain practices built on an agenda binary repository.

This allows developers to focus on what matters, most delivering software to production faster at scale and without friction.

We believe that this product innovations sure that swamp up or in the words of our customers AT&T a homerun for all users with that I'll turn the call over to our CFO, Ed grip shape with an in depth recap of Q3 financial results and our updated outlook for the full fiscal year.

<unk> teams now enjoy a zero hassle AI driven experience tightly integrated with Github and native AI tools like cursor Claude code and guitar co pilot.

Shlomi Haim: A unified platform is a growing requirement, as companies have seen software supply chain attacks increase significantly over the past year. These attacks have become more sophisticated, targeting build pipelines, AI and machine learning software supply chains, and exploiting vulnerabilities in software binaries. Recent NPM, PyPI, and MCP attacks show hackers are keeping pace with technology, but our security research team and the JFrog Curation solution have been praised by our customers for protecting them from these recent, potentially devastating attacks. A cybersecurity lead at a Fortune 50 American company noted to us following the NPM attack, quote, Our JFrog Curation deployment provides a very effective and efficient supply chain protection. We were able to shut down recent provider attacks in mere minutes once discovered, and the control has proven 100% successful since. End quote.

J pop flies agenda capabilities will be shared with selected users, giving developers our teams the opportunity to experience AI assistant software creation and delivery. These capabilities are planned for full integration into the <unk> platform powering our customers in the new era of intelligent <unk>.

Year of 2025 Ed.

Thank you Shlomi and good afternoon, everyone.

During the third quarter of 2025 total revenues equaled $136 9 million up 26% year over year.

Our over achievement during the quarter was the result of strong go to market and operational execution.

To make that software supply chain practices built on an agenda binary repository.

<unk> momentum in our cloud revenues growing adoption of <unk> security products and expansion by customers within our enterprise level subscriptions.

We believe that this product innovations sure that swamp up or in the words of our customers AT&T a homerun for our users with that I'll turn the call over to our CFO, Ed grip side with an in depth recap of Q3 financial results and our updated outlook for the full fiscal.

As noted by Shlomi third quarter cloud revenues grew to $63 4 million up 50% year over year and represented 46% of total revenues versus 39% in the prior year.

The year of 2025 Ed.

Our growth in the cloud was driven by increased usage across a broad set of package types.

Thank you Shlomi and good afternoon, everyone.

During the third quarter of 2025 total revenues equaled $136 9 million up 26% year over year.

Demand for J, Parag advanced security and duration.

And conversion of customers with usage above minimum commitments into higher annual contracts.

Shlomi Haim: Nothing fuels us more than our customers' feedback, and we are committed to safeguarding their software supply chains, aiming to ensure digital trust across their software package lifecycle. Hackers are targeting software supply chains. They know that binaries, software packages, containers, and AI models are gateways into our customers' runtime environment. This is now a real threat to every organization. Without strong protection for your software supply chain and binaries, you remain exposed. Attacks are not a question of if, but when. While one quarter does not define a consumption trend, Q3's adoption of JFrog Security Solutions gives us cautious optimism for broader, long-term momentum. Now to AI and machine learning. We continue to gain traction in the market as the model registry providers are being positioned as a system of record for AI delivery, validated by some of the world's leading AI companies.

Our over achievement during the quarter was the result of strong go to market and operational execution continued momentum in our cloud revenues growing adoption of <unk> security products and expansion by customers within our enterprise level subscriptions.

During the third quarter, our self managed or on Prem revenues were $73 $5 million up 10% year over year.

We continue to proactively engage our on prem customers to migrate that SEC ops workloads to our cloud or explore solutions better aligned with their specific use cases, including hybrid and fit for purpose deployments.

As noted by Shlomi third quarter cloud revenues grew to $63 4 million.

Up 50% year over year and represented 46% of total revenues versus 39% in the prior year.

In Q3, 56% of total revenues came from enterprise plus subscriptions up from 50% in the prior year.

Our growth in the cloud was driven by increased usage across a broad set of package types demand for J Parag advanced security and duration.

Driven by ongoing execution of our enterprise go to market strategy and broader customer adoption of the <unk> platform revenue contribution from enterprise plus subscriptions grew 39% year over year.

And conversion of customers with usage above minimum commitments into higher annual contracts.

During the third quarter, our self managed or on Prem revenues were $73 5 million.

Net dollar retention for the four trailing quarters was 118% consistent with the prior quarter highlighting the continued adoption of our security core products and increased cloud data consumption, resulting in higher customer commitments.

Up 10% year over year.

We continue to proactively engage our on prem customers to migrate depth setups workloads to our cloud or explore solutions better aligned with their specific use cases, including hybrid and fit for purpose deployments.

We continue to demonstrate that our customers view, Jay <unk> solutions as mission critical to their software supply chain with gross retention that equaled 97% as of the third quarter 2025.

Shlomi Haim: In fact, Justin Boitano, VP of Enterprise AI at NVIDIA, noted at the JFrog annual user conference Swamp Up in mid-September that JFrog enables enterprises to securely build, manage, and scale AI agents, the next generation of intelligent software from development to production. AI agents are the next wave of enterprise innovation, but they are also the newest and most critical software artifact to secure. This is no longer just about models. It's about industrializing intelligent, autonomous agents. By integrating with NVIDIA AI Enterprise and streamlining deployment onto AI factories, JFrog is delivering the essential pipeline to rapidly secure, manage, and scale these AI agents from development straight into production. Moving throughout 2025, JFrog has embraced the AI revolution, focusing on what we believe we do best, driving the next standards in the market as the single source of truth for AI software packages.

In Q3, 56% of total revenues came from enterprise plus subscriptions up from 50% in the prior year.

Now I'll review the income statement in more detail.

Gross profit in the quarter was $114 9 million, representing a gross margin of 83, 9% versus 82, 8% in the year ago period.

We remain focused on cost optimization with the cloud service providers and continue to expect annual gross margins to remain between 82, 5% and 83, 5% for 2025.

Operating expenses in the third quarter were $89 3 million equaling 65% of revenues.

We continue to demonstrate that our customers view, Jay Prague solutions as mission critical to their software supply chain with gross retention that equaled 97% as of the third quarter 2025.

This compares to $75 5 million or 69% of revenues in the year ago period.

Now I'll review the income statement in more detail.

Our operating profit in Q3 increased to $25 6 million or an operating margin of 18, 7% compared to $14 7 million and 13, 5% operating margin in the third quarter of 2024.

Gross profit in the quarter was $114 $9 million.

Representing a gross margin of 83, 9% versus 82, 8% in the year ago period.

We remain focused on cost optimization with the cloud service providers and continue to expect annual gross margins to remain between 82, 5% and 83, 5% for 2025.

The continued balance between strategic investments and operational efficiency demonstrates our commitment to profitable growth.

Cash flow from operations equaled $32 million in the third quarter after taking into consideration capex requirements, our free cash flow reached $28 8 million or 21% margin compared to $26 7 million or 24% margin in the year ago period.

Shlomi Haim: We integrated JFrog ML into the JFrog Platform, empowering data scientists and developers to build, test, experiment, and deliver trusted models into production. We launched our MCP server alongside groundbreaking MCP security research, redefining how developers and AI agents interact with their software delivery platform. In addition, we introduced AI Catalog, a new add-on to JFrog Curation designed to secure and govern both third-party and internally developed AI models, ensuring they are safe, compliant, and aligned with company policies for responsible use across the organization. Our next generation of offerings in ML and AI, as well as our DevOps and security products, were highlighted for customers and analysts at Swamp Up in Q3. Every year, JFrog welcomes customers, prospects, and partners to our Swamp Up conference, a key industry gathering for DevOps, DevSecOps, and MLOps users. This year, JFrog innovations were front and center with painsolving solutions for customers.

Operating expenses in the third quarter were $89 3 million equaling 65% of revenues.

This compares to $75 5 million.

Or 69% of revenues in the year ago period.

Our operating profit in Q3 increased to $25 6 million or an operating margin of 18, 7% compared to $14 7 million and 13, 5% operating margin in the third quarter of 2024.

During the third quarter, we completed payments totaling $5 $7 million under a hold back agreement related to the acquisition of <unk>, which was completed in July 2024.

Now turning to the balance sheet. We ended the third quarter of 2025 at $651 1 million in cash and short term investments compared to $522 million at the end of 2024.

The continued balance between strategic investments and operational efficiency demonstrates our commitment to profitable growth.

Cash flow from operations equaled $32 million in the third quarter.

As of September 32025, our RP O totaled $508 million or.

After taking into consideration capex requirements, our free cash flow reached $28 8 million or 21% margin compared to $26 7 million or 24% margin in the year ago period.

47% increase year over year.

This performance highlights the successful execution of our go to market strategy as customers continue to make larger multi year commitments to our <unk> offerings.

During the third quarter, we completed payments totaling $5 $7 million under a hold back agreement related to the acquisition of <unk>, which was completed in July 2024.

And now, let's turn to the outlook and guidance for Q4 and the full year 2025.

While we are encouraged by our strong year to date performance amid geopolitical uncertainty and ongoing macroeconomic volatility. We believe it remains prudent to continue to approach our forward outlook with measured caution.

Now turning to the balance sheet. We ended the third quarter of 2025 at $651 1 million in cash and short term investments compared to $522 million at.

Shlomi Haim: On stage, we announced a new way for companies to govern and trust their application with an innovative product, JFrog Uptrust. We were joined for the opening keynote by NVIDIA, ServiceNow, GitHub, and SonarQube to showcase our partnerships in an industry-first DevGovOps solution. DevGovOps brings software development, security, and GLC groups together, focusing on, once again, the key asset of any company, the software binary. As the complexity in the world of software increases, the requirements of security, compliance, and governance put pressure on development teams. The need to release fast and often, combined with high regulation, required automation and collection of evidence, such as quality testing or security results, to keep software flowing with confidence. With the new JFrog Uptrust product, companies will now have an automated way across platforms to manage governance as they deliver software faster than ever before.

Our updated 2025 guidance range suggests sustained contributions from the <unk> security core steady expansion of customer commitments and adoption of the full <unk> platform.

At the end of 2024.

As of September 32025, our RP O totaled $508 million.

A 47% increase year over year this.

We continue to Derisk, our outlook by excluding our largest opportunities given the uncertainty regarding the timing of certain large customer deployments.

This performance highlights the successful execution of our go to market strategy as customers continue to make larger multi year commitments to our <unk> offerings.

We estimate.

Our full year 2025 baseline cloud growth to now be in the range of 40% to 42%.

And now, let's turn to the outlook and guidance for Q4 and the full year 2025.

<unk> revenue guidance continues to exclude any contribution from usage above annual customers minimum commitments.

Taking into account our strong year to date results and fourth quarter guidance, we are raising our expectations for net dollar retention to above 116% for 2025.

Our updated 2025 guidance range suggests sustained contributions from the <unk> security core steady expansion of customer commitments and adoption of the full <unk> platform.

For Q4, we expect revenues to be in the range of $136 $5 million and $138 5 million with non-GAAP operating profit anticipated to be between $21 million and $22 million and non-GAAP earnings per diluted share of 18.

We continue to Derisk, our outlook by excluding our largest opportunities given the uncertainty regarding the timing of certain large customer deployments.

Shlomi Haim: Due to our vision of cross-industry collaboration and our commitment to build solutions that are too integrated to fail, Uptrust was launched in partnership with ServiceNow as the ITOps system of record, with JFrog as the system of record for the software supply chain, in the words of Raul Tripati, General Manager of ITSM at ServiceNow. The future of software built by developers and AI agents must include automated governance, achievable only through evidence-based quality gates and systems. JFrog Uptrust is paving the way to make that vision a reality. In security, we further showcase new abilities to secure developer extensions or the plugins developers use in their environments. This is a different type of supply chain attack, and JFrog customers can now protect developer extensions in addition to their software assets.

We estimate our full year 2025 baseline cloud growth to now be in the range of 40% to 42%.

<unk> to 'twenty, assuming a share count of approximately 125 million shares.

Cloud revenue guidance continues to exclude any contribution from usage above annual customers minimum commitments.

For the full year of 2025, we anticipate a revenue range of $523 million to $525 million, representing approximately 22, 3% year over year growth at the midpoint.

Taking into account our strong year to date results and fourth quarter guidance, we are raising our expectation for net dollar retention to above 116% for 2025.

non-GAAP operating income is expected to be between $87 3 million and $88 3 million and non-GAAP diluted earnings per share of <unk> 78 to.

To 80 <unk>.

Assuming a share count of approximately 122 million shares.

Now I'll turn the call back to Shlomi for some closing remarks before we take your questions.

To 'twenty, assuming a share count of approximately 125 million shares.

Thank you Ed.

The third quarter of 2025 is behind US, we committed and we delivered on the innovation on product execution and across every financial metric.

For the full year of 2025, we anticipate a revenue range of $523 million to $525 million.

Shlomi Haim: We also launched agentic remediation capabilities and demonstrated on stage how JFrog solutions use AI agents to detect vulnerabilities in source code, identify remediation methods, prioritize contextual paths to fix problems, and even protect against similar vulnerabilities in the future, first through our GitHub Copilot integration, and soon available for other code assistants. Finally, we introduced JFrog Fly, the world's first agentic repository, reimagining software supply chain management in the era of AI. With JFrog Fly, AI agents become co-builders alongside developers, orchestrating artifacts seamlessly across the entire software lifecycle. This allows developers to focus on what matters most, delivering software to production faster, at scale, and without friction. Small teams now enjoy a zero-hustle, AI-driven experience, tightly integrated with GitHub and native AI tools like Cursor, Cloud Code, and GitHub Copilot.

Despite macro challenges that <unk> sold over the past three quarters, we not only earned the trust of the enterprise, we reinforced our position as the definitive system of record for the software supply chain.

Denting, approximately 22, 3% year over year growth at the midpoint.

non-GAAP operating income is expected to be between $87 3 million and $88 3 million and.

And non-GAAP diluted earnings per share of <unk> 78.

As the world becomes powered by AI driven software in every aspect of software creation and delivery is being transformed.

80.

Assuming a share count of approximately 122 million shares.

One that stands out more software means more packages more artefacts more binaries and thats exactly where our <unk> stent front and center now and in the future.

Now I'll turn the call back to Shlomi for some closing remarks before we take your questions.

Thank you Ed.

The third quarter of 2025 years behind US, we committed and we delivered on the innovation on product execution and across every financial metric.

Well it becoming the modern registry of choice securing the entire software supply chain of our customers from passport control at the gate to safe and trusted delivery.

Despite macro challenges that <unk> sold over the past three quarters, we not only earned the trust of the enterprise, we reinforced our position as the definitive system Frankel for the software supply chain.

We manage the full lifecycle of AI models, and we've introduced the world's first Deb <unk> solution preparing our customers for the ongoing tsunami of AI regulation and compliance.

As the world becomes powered by AI driven software in every aspect of software creation and delivery is being confirmed.

We continue to run our business with efficiency focus and discipline, while staying deeply energized by the opportunities ahead.

Shlomi Haim: JFrog Fly's agentic capabilities will be shared with selected users, giving developer teams the opportunity to experience AI-assisted software creation and delivery. These capabilities are planned for full integration into the JFrog platform, powering our customers in the new era of intelligent, automated software supply chain practices built on an agentic binary repository. We believe that these product innovations shared at Swamp Up are, in the words of our customers, AT&T, a home run for our users. With that, I'll turn the call over to our CFO, Ed Grabscheid, with an in-depth recap of Q3 financial results and our updated outlook for the full fiscal year of 2025. Ed. Thank you, Shlomi. Good afternoon, everyone. During the third quarter of 2025, total revenues equaled $136.9 million, up 26% year over year.

One that stands out more software means more packages more artefacts more binaries and thats exactly where the <unk> stent front and center now and in the future.

This quarter was also a deeply meaningful one for our Israeli team.

The wall in the region came to an end and hostages' will finally return safely to their families. After two long years.

We're becoming them other registry of choice securing the entire software supply chain of our customers from passport control at the gate to safe and trusted delivery.

Withstanding solidarity with the families of the remaining hostages held.

But the Devil with organization amount and.

We manage the full lifecycle of AI models, and we have introduced the world's first <unk> solution preparing our customers for the ongoing tsunami of AI regulation and compliance.

And we pray for the safe return home for pulpwood burials.

As we prepare for 2026, we are ready to leap forward in product people and business. We remain determined to continue building on what we've created by developers for the developers of the modern software rule with that thank you for joining our call and made a frog be with you.

We continue to run our business with efficiency focus and discipline, while staying deeply energized by the opportunities ahead.

This quarter was also a deeply meaningful one for our Israeli team.

Operator, we are now open to take questions.

As the wall in the region came to an end and hostages will finally return safely to their families. After two long years.

We will now begin the question and answer session. Please limit yourself to one question and one follow up if you would like to ask a question. Please raise your hand now if you've dialed into todays call. Please press star nine to raise your hand and star six on mute. Please.

Shlomi Haim: Our overachievement during the quarter was the result of strong go-to-market and operational execution, continued momentum in our cloud revenues, growing adoption in JFrog security products, and expansion by customers within our enterprise-level subscriptions. As noted by Shlomi, third-quarter cloud revenues grew to $63.4 million, up 50% year over year, and represented 46% of total revenues versus 39% in the prior year. Our growth in the cloud was driven by increased usage across a broad set of package types, demand for JFrog Advanced Security, and Curation, and conversion of customers with usage above minimum commitments into higher annual contracts. During the third quarter, our self-managed or on-prem revenues were $73.5 million, up 10% year over year. We continue to proactively engage our on-prem customers to migrate DevSecOps workloads to our cloud or explore solutions better aligned with their specific use cases, including hybrid and fit-for-purpose deployments.

We are spending solidarity with the families of the remaining hostages bye.

<unk> organization, and we pray for the safe return home.

Please standby, while we compile the Q&A roster.

Popo burials.

As we prepare for 2026, we are ready to leap forward in product people and business. We remain determined to continue building on what we've created by developers for the developers of the modern software world with that thank you for joining our call and May default would be with you.

Your first.

First question comes from the line of Michael <unk> with Needham. Your line is open. Please go ahead.

Hey, guys. Thanks for taking the questions here.

Jeff Great to hear you on the call and for Shlomi and Ed Congrats on the strong quarter.

I wanted to tap into cloud.

And first just to sanity check the results Super strong here was there anything one time or was this really just a confluence of a number of different pieces of the platform coming alongside the execution can you help us unpack that.

Operator, we are now open to take questions.

We will now begin the question and answer session. Please limit yourself to one question and one follow up if you would like to ask a question. Please raise your hand now thank you.

Hey, Mike. This is Ed I'll go ahead and start with that there is nothing in the cloud revenues that is one time. This is a convergence of strong usage across multiple package types geos.

Dialed into todays call. Please press star nine to raise your hand and star sixth on mute.

Please standby, while we compile the Q&A roster.

Your first question comes from the line of Michael <unk> with Needham. Your line is open. Please go ahead.

And different verticals. In addition to that we saw strong security security also has a leading driver of our cloud growth. So you had a combination of those two things happening, but no. One time it was a very strong quarter.

Hey, guys. Thanks for taking the questions here.

Shlomi Haim: In Q3, 56% of total revenues came from Enterprise Plus subscriptions, up from 50% in the prior year. Driven by ongoing execution of our enterprise go-to-market strategy, and broader customer adoption of the JFrog platform, revenue contribution from Enterprise Plus subscriptions grew 39% year over year. Net dollar retention for the four trailing quarters was 118%, consistent with the prior quarter, highlighting the continued adoption of our security core products, and increased cloud data consumption, resulting in higher customer commitments. We continue to demonstrate that our customers view JFrog solutions as mission-critical to their software supply chain, with gross retention that equaled 97% as of the third quarter 2025. Now, I'll review the income statement in more detail. Gross profit in the quarter was $114.9 million, representing a gross margin of 83.9% versus 82.8% in the year-ago period.

Jeff Great to hear you on the call and for Shlomi and Ed Congrats on the strong quarter.

Excellent.

I wanted to tap into cloud.

I did just want to tap in I guess this is probably more for shlomi, but again on the cloud.

We have a couple of quarters now of really strong growth.

What is different.

Or anything has changed but from an execution standpoint on the go to market.

What have you guys implemented that.

Hey, Mike. This is Ed I'll go ahead and start with that there is nothing in the cloud revenues that is one time. This is a convergence of strong usage across multiple package types geos.

The continues to bear out here, how should we be thinking about that.

And thank you again.

Hi, Mike This is slow man. Thank you for the kind words.

I think that what do you see in the cloud is a strong and consistent execution not only of our technology, but also the go to market philosophy.

Working with our customers that have over usage converting them to hire commitments and thats translated to a consistent cloud golf and less volatility.

Excellent.

I did just want to tap in I guess this is probably more for shlomi, but again on the cloud.

We have a couple of quarters now of really strong growth what is different.

As you know even when we guide we provide you with their commitments.

If anything has changed but from an execution standpoint on the go to market what have you guys implemented that there.

This guidance and consumption might come and go but we wanted to have an alignment between the go to market philosophy and the execution of our cloud business. That's on top of course.

Shlomi Haim: We remained focused on cost optimization with the cloud service providers and continue to expect annual gross margins to remain between 82.5% and 83.5% for 2025. Operating expenses in the third quarter were $89.3 million, equaling 65% of revenues. This compares to $75.5 million, or 69% of revenues, in the year-ago period. Our operating profit in Q3 increased to $25.6 million, or an operating margin of 18.7%, compared to $14.7 million and 13.5% operating margin in the third quarter of 2024. The continued balance between strategic investments and operational efficiency demonstrates our commitment to profitable growth. Cash flow from operations equaled $30.2 million in the third quarter. After taking into consideration CapEx requirements, our free cash flow reached $28.8 million, or 21% margin, compared to $26.7 million, or 24% margin, in the year-ago period.

That continues to bear out here, how should we be thinking about that.

And thank you again.

Hi, Mike This is slow and thank you for the kind words.

What Ed said that our cloud customers are now also embracing our security solution, which obviously.

I think that what you see in the cloud is a strong and consistent execution not only of our technology, but also the go to market philosophy.

Gives us more room to grow into expense.

Your next question comes from the line of Sanjay Singh with Morgan Stanley. Your line is open. Please go ahead.

Working with our customers that have over usage converting them to hire commitments and thats translated to a consistent cloud Gulf and less volatility.

Yes, thank you for taking the questions and congrats Mike Congrats on the strong results. This quarter. So I was wondering if you could.

As you know even when we guide we provide you with their commitments based guidance and consumption might come and go but we wanted to have an alignment between the go to market philosophy and the execution of our cloud business. That's on top of course towards Ed said that.

Extend a little bit more on the theme on your script around the broadening of the types of artifacts that that artifact III is managing and storing and serving as a system of record.

Is that mix start to look like between kind of traditional software artifacts containers registries and some of the.

Our cloud customers are now also embracing our security solution, which obviously.

The AI artifacts that are starting to come through.

Gives us more room to grow into expense.

Can you speak to some of the underlying trends in terms of what what are the factories storing and managing these days.

Your next question comes from the line of Sanjay Singh with Morgan Stanley. Your line is open. Please go ahead.

Yes, Hi, Sanjay.

What we see and we obviously monitor monitoring it closely as that.

Shlomi Haim: During the third quarter, we completed payments totaling $5.7 million under a holdback agreement related to the acquisition of Qwak, which was completed in July 2024. Now, turning to the balance sheet, we ended the third quarter of 2025 at $651.1 million in cash and short-term investments, compared to $522 million at the end of 2024. As of 30 September 2025, our RPO totaled $508 million, a 47% increase year over year. This performance highlights the successful execution of our go-to-market strategy, as customers continue to make larger, multi-year commitments to our DevSecOps offerings. Now, let's turn to the outlook and guidance for Q4 and the full year 2025. While we're encouraged by our strong year-to-date performance amid geopolitical uncertainty and ongoing macroeconomic volatility, we believe it remains prudent to continue to approach our forward outlook with measured caution.

Yes, thank you for taking the questions and congrats Mike Congrats on the strong results. This quarter. So I was wondering if you could.

Artifacts or different type of artifacts that are heavily used by <unk>.

Expand a little bit more on the theme on your script around the broadening of the types of artifacts that that artifact tree is managing and storing and serving as a system of record and what does that mix start to look like between kind of traditional software artifacts containers.

AI create dolls.

<unk>.

Our growth in usage, and our cloud and on Prem customers, we see that.

Obviously hagging face is scaling up this is the open source model hub.

Histories and some of the.

Full AI models, but also <unk>.

The AI artifacts that are starting to come through.

The language is that supports AI development like Python with Ipi NPM Docker containers full distribution of models all of them.

Can you speak to some of the underlying trends.

Terms of what what artifact storing and managing these things.

Yes, Hi, Sanjay.

Line and correlated and growing together, it's still too early for us to say that this trend is actually going to lead to a higher consumption in the future, but it's very encouraging to see that our customers are.

But what we see and we obviously Monte monitoring it closely is that.

Artifacts or different types of artifacts that are heavily used by <unk>.

AI create dolls.

<unk>.

Using J Prague as the system of records for all packages, including AI models, and Thats, obviously drive the higher consumption as we reported.

Our goals in usage in our cloud and on Prem customers, we see that.

Obviously hugging face is scaling up this is the open source model hub.

Shlomi Haim: Our updated 2025 guidance range suggests sustained contributions from the JFrog Security Corps, steady expansion of customer commitments, and adoption of the full JFrog platform. We continue to de-risk our outlook by excluding our largest opportunities, given the uncertainty regarding the timing of certain large customer deployments. We estimate our full year 2025 baseline cloud growth to now be in the range of 40% to 42%. Cloud revenue guidance continues to exclude any contribution from usage above annual customers' minimum commitments. Taking into account our strong year-to-date results and fourth-quarter guidance, we are raising our expectation for net dollar retention to above 116% for 2025. For Q4, we expect revenues to be in the range of $136.5 million and $138.5 million, with non-GAAP operating profit anticipated to be between $21 million.

Your next question comes from the line of Kingsley Crane with Canaccord. Your line is open. Please go ahead.

Full AI models, but also <unk>.

Land widgets that supports the AI development like Python with Ipi NPM Docker containers full distribution of models all of them aligned and correlated and growing together, it's still too early for us to say that this trend is actually going to lead to a higher.

Hey, Thanks for taking the question really encouraging results.

Shlomi.

<unk> J product fly it was really impressive it's lump up the MCP capabilities are nice to see is while it got me thinking EA.

It's changing how consumers interact with technology is leading many companies to rethink their you either you ask how relevant is that Fortunately for Oregon is that something that you're thinking about it.

Consumption in the future, but it's very encouraging to see that our customers.

Yes, Thank you Kingsley.

Using J Prague as the system of record for all packages, including AI models, and Thats, obviously drive the higher consumption as we reported.

Jay book Fly release is a disruption to the entire software supply chain system of cycle, we understand that software in the future would be created not just by developers, but also by agents and therefore, whatever repository you want to build must come with the <unk> capabilities. This is what we want.

Your next question comes from the line of Kingsley Crane with Canaccord. Your line is open. Please go ahead.

Hey, Thanks for taking the question really encouraging results.

First to have a J P flight the second thing based on our research with thousands of developers was the developers want to be focused on what they need to be focused on create software deliver software and we trust fast and rapidly jetblue flies provide that so instead of taking it.

Shlomi.

<unk> J product fly it was really impressive with swap up the MCP capabilities are nice to see is while it got me thinking AI is changing how consumers interact with technology, leading many companies to rethink their UI or UX, how relevant is that Fortunately for Oregon is that something that youre thinking about.

Shlomi Haim: $22 million, and non-GAAP earnings per diluted share of $0.18 to $0.20, assuming a share count of approximately 125 million shares. For the full year of 2025, we anticipate a revenue range of $523 million to $525 million, representing approximately 22.3% year-over-year growth at the midpoint. Non-GAAP operating income is expected to be between $87.3 million and $88.3 million, and non-GAAP diluted earnings per share of $0.78 to $0.80, assuming a share count of approximately 122 million shares. Now, I'll turn the call back to Shlomi for some closing remarks before we take your questions. Thank you, Ed. The third quarter of 2025 is behind us. We committed and we delivered on innovation, on product execution, and across every financial metric. Despite macro challenges, the JFrog team sold.

<unk> by feature within our factory, we thought that what we'll do what we will do better is to build a full <unk> experience for our users re imagining how software supply chain will look like and then slowly.

Yes. Thank you.

Yes.

Jay book Fly release is the disruption to the entire software supply chain system of Crackle, we understand that software in the future would be created not just by developers, but also by agents and therefore, whatever deposits that we want to be as must come with the <unk> capabilities. This is what we want.

Bring those capabilities into the <unk> platform, obviously, the enterprise market.

Adopted one by one feature by feature the community and small team can can run faster. So that's the idea behind flight and we are very excited to see how the market react to it.

First to have a J P flight the second thing based on our research with thousands of developers was that developers want to be focused on what they need to be focused on create software deliver software and we trust fast and rapidly jetblue flies provide that so instead of taking it.

Your next question comes from the line of Koji Ikeda with Bank of America. Your line is open. Please go ahead.

Yeah, Hey, guys. Thanks, Thanks, so much for taking the questions.

Wanted to ask on on NR, and maybe pick on the metric just a little bit because it was flat at 118%, but when I look at the cloud growth, that's really really strong and just knowing that NR ours calculated on a trailing 12 month metric.

Shlomi Haim: Over the past three quarters, we not only earned the trust of the enterprise, we reinforced our position as the definitive system of record for the software supply chain. As the world becomes powered by AI-driven software and every aspect of software creation and delivery is being transformed, one fact stands out: more software means more packages, more artifacts, more binaries. That's exactly where JFrog stands, front and center now and in the future. We're becoming the model registry of choice, securing the entire software supply chain of our customers, from passport control at the gate to safe and trusted delivery. We manage the full lifecycle of AI models, and we've introduced the world's first DevGovOps solution, preparing our customers for the ongoing tsunami of AI regulation and compliance. We continue to run our business with efficiency, focus, and discipline, while staying deeply energized by the opportunities ahead.

Bring those capabilities into the <unk> platform, obviously, the enterprise market will will adopt it one by one feature by feature the community and the small team Ken can run faster. So that's the idea behind flight and we are very excited to see how the market react to it.

On a 12 month basis.

Really means that there is some new customers that are growing very fast.

Is that the right interpretation on kind of looking at <unk> versus the cloud performance and if that is true how sustainable is that growth from these new customers going forward.

Thank you Koji I'll start then add feel free to chime in MLR.

Your next question comes from the line of Koji Ikeda with Bank of America. Your line is open. Please go ahead.

<unk> the tail of customers that are not committed to an annual.

Yeah, Hey, guys. Thanks, Thanks, so much for taking the questions.

Wanted to ask on on NR, and maybe pick on the metric just a little bit because it was flat at 118%, but when I look at the cloud growth, that's really really strong and just knowing that <unk> calculated on a trailing 12 month metric.

And and Dr. Andy I'm sorry, yes.

So let me go ahead and jump in here on the <unk>. So first off let me remind you that we had three of the largest customers closed during Q3 of last year. So we're building off of that it's a trailing 12 month metric, but what I said in the beginning of the year could you. If you recall if there is going to be an acceleration in net dollar retention two things would have to happen number one I want to see an uptake in my security.

On a 12 month basis that just really means that theres, some new customers that are growing very fast.

Is that the right interpretation on kind of looking at <unk> versus the cloud performance and if that is true how sustainable is that growth from these new customers going forward.

And number two I want to see usage over minimum commit in the cloud and both of those are happening. So you start on a trailing 12 month metric with a very strong base off of those three very large deals that were closed at the end of Q3, and we've continued to build on that so we've actually expanded our net dollar retention rate.

Shlomi Haim: This quarter was also a deeply meaningful one for our Israeli team. As the war in the region came to an end and hostages were finally returned safely to their families after two long years, we stand in solidarity with the families of the remaining hostages still held by the terrorist organization Hamas, and we pray for their safe return home for proper burial. As we prepare for 2026, we are ready to leap forward in product, people, and business. We remain determined to continue building on what we've created by developers, for the developers of the modern software world. With that, thank you for joining our call, and may the Frog be with you. Operator, we are now open to take questions. We will now begin the question and answer session. Please limit yourself to one question and one follow-up.

Thank you Koji I'll start then add feel free to chime in MLR represent the tail of customers that are not committed to an annual.

We're very happy with where it is is it stabilized quarter over quarter at 118.

And and Dr. Andy I'll start yes, let me go ahead and jump in here on the MTR. So first off let me remind you that we had three of the largest customers closed during Q3 of last year. So we're building off of that it's a trailing 12 month metric, but what I said in the beginning of the year could you. If you recall if there was going to be an acceleration in net dollar retention.

And <unk>, sorry, I heard <unk> and answered about the cloud monthly usage regarding net dollar retention. We also have to remember that as part of the strategy.

Embedding our security solution into the platform.

We'll be a way to also expand our customers with a different persona.

Two things would have to happen number one I want to see an uptake in my security and number two I want to see usage over minimum commit in the cloud and both of those are happening. So you start on a trailing 12 month metric with a very strong base off of those three very large deals that were closed at the end of Q3 and we've can.

Getting our customers expanding with security actually addresses compete.

Completely different.

Address the addressable market.

Your next question comes from the line of Mark cash with Raymond James Your line is open. Please go ahead. Thank.

To build on that so we've actually expanded our net dollar retention rate and we're very happy with where it is is it stabilized quarter over quarter at 118, Yes, <unk>, sorry, I heard <unk> and answered about the cloud monthly usage regarding net dollar retention. We also have to remember that as part of the strategy of embedding.

Thank you Shlomi, if I could start with you I also want to ask on fly, but more around if you see by opening up new customers are buying centers that you haven't serviced previously and then what kind of go to market plans or tweaks will be required to drive market awareness versus.

Shlomi Haim: If you would like to ask a question, please raise your hand now. If you have dialed into today's call, please press star nine to raise your hand and star six to unmute. Please stand by while we compile the Q&A roster. Your first question comes from the line of Michael Cikos with Needham. Your line is open. Please go ahead. Hey, guys. Thanks for taking the questions here. Jeff, great to hear you on the call. For Shlomi and Ed, congrats on the strong quarter. I wanted to tap into cloud. First, just a sanity check. The results are super strong here. Was there anything one-time, or was this really just a confluence of a number of different pieces of the platform coming alongside the execution? Can you help us unpack that? Hey, Mike, this is Ed. I'll go ahead and start with that.

Our security solution into the platform.

Maybe the market, mostly thinking about J plasma or large scale artifacts and then if I can.

We will be a way to also expand our customers with the different persona.

Sneak one in for Ed I'm, just I mean, you beat by 9 billion raised by additional $6 $5 million. So I guess, maybe somebody because of better visibility from RPX Europe strength, but still taking a prudent approach you laid out. So what are the key drivers that give you confidence to raise by section them out and be compare to 90 days ago. Thank you guys.

Getting our customers expanding with security actually addresses are completely different.

Address the addressable market.

Your next question comes from the line of Mark cash with Raymond James Your line is open. Please go ahead. Thank.

Yes ill talk with supply.

This is obviously an opportunity, but it's not our goal our goal is to make sure that everything that you have at the <unk> platform in the future will support both agents and developers.

Shlomi Haim: There is nothing in the cloud revenues that is one-time. This is a convergence of strong usage across multiple package types, geos, and different verticals. In addition to that, we saw strong security. Security also is a leading driver of our cloud growth. You had a combination of those two things happening, but no one-time. It was a very strong quarter. Excellent. I did just want to tap in. I guess this is probably more for Shlomi, but again, on the cloud. We have a couple of quarters now of really strong growth. What is different, if anything has changed, from an execution standpoint on the go-to-market? What have you guys implemented that continues to bear out here? How should we be thinking about that? Thank you again. Hi, Mike. This is Shlomi, and thank you for the kind words.

As they manage their software supply chain and why is that important because we know that in the future. The way that engineering team will be structured will be a combination of developers and agent. It will not be just developing the software will be made by agents and if you don't provide them. These agents will not have access to your repository.

Maybe the market, mostly thinking about J plasma or large scale artifacts and then if I could.

Sneak one in for Ed.

I mean, you beat by 9 billion raised by additional $6 $5 million. So I guess, maybe somebody because of better visibility from Rps Europe strength, but still taking a prudent approach you laid out. So what are the key drivers that give you confidence to raise by section of MAU, maybe compare to 90 days ago. Thank you guys.

They will have another system of record so with fly success basically what we see is.

Yes ill talk with flight.

How we fuel and power the entire <unk> platform now Ken small team used supply and this will be another.

This is obviously an opportunity but it is not our goal our goal is to make sure that everything that you have at the <unk> platform in the future will support both agents and developers.

Avenue of revenue generation, yes may be but our main goal is to make sure that we adopt this <unk> expense across the platform and fly is the north star of adopting AI experience.

As they manage their software supply chain and why is that important because we know that in the future. The way that engineering team will be structured will be a combination of developers and agent. It will not be just developers. So software will be made by agents and if you don't provide them. These agents will not have access to your repository.

Shlomi Haim: I think that what you see in the cloud is a strong and consistent execution, not only of our technology, but also the go-to-market philosophy of working with our customers that have overusage, converting them to higher commitments. That's translated to consistent cloud growth and less volatility. As you know, even when we guide, we provide you with a commitments-based guidance, and consumption might come and go, but we wanted to have an alignment between the go-to-market philosophy and the execution of our cloud business. That's on top, of course, to what Ed said, that our cloud customers are now also embracing our security solution, which obviously gives us more room to grow and to expand. Your next question comes from the line of Sanjit Singh with Morgan Stanley. Your line is open. Please go ahead.

And regarding the guidance and the confidence that I had moving into Q4 first of all I only guide on the commitments. So I'm confident that what I'm, providing to you 90 days. After the last time I provided to you. Our guidance is the fact that I have the strong commitment we saw strong performance during the quarter.

They will have another system of record so with fly success basically what we see is.

How we fuel and power the entire <unk> platform now Ken small team use fly and this will be another <unk> <unk>.

Thats built into my forecast based on those commitment levels.

I've removed anything thats related to usage over the minimum commitments and feel very confident with those numbers provided.

Avenue of revenue generation, yes may be but our main goal is to make sure that we adopt this agenda expense across the platform and fly is the north star of adopting AI experience.

Your next question comes from the line of Miller jumped with Truest. Your line is open. Please go ahead.

Hey, Thank you for taking the questions and congratulations on the strong results.

And regarding the guidance and the confidence that I had moving into Q4 first of all I only guide on the commitment so I'm confident that what I'm, providing to you 90 days. After the last time I provided to you. Our guidance is the fact that I'm have the strong commitment we saw strong performance during the quarter.

Yeah. So first one maybe for a couple of quarters now we've heard about the demand for hybrid solutions correlated with AI I'm just trying to reconcile this with the clear momentum that youre seeing in cloud like is this something that youre seeing shift the pipeline composition right now al and then if I could ask one for Ed as well throughout this year, maybe in the last few quarter.

Shlomi Haim: Yeah, thank you for taking the questions, and congrats, Mike, congrats on the strong results this quarter. Shlomi, I was wondering if you could expand a little bit more on the theme on your script around the broadening of the types of artifacts that Artifactory is managing and storing and serving as a system of record. What does that mix start to look like between kind of traditional software artifacts, containers, registries, and some of the AI artifacts that are starting to come through? Can you speak to some of the underlying trends in terms of what Artifactory is storing and managing these days? Yes. Hi, Sanjit. What we see, and we obviously monitor it closely, is that artifacts or different types of artifacts that are heavily used by AI creators are seeing kind of a growth in usage in our cloud and on-prem customers. We see that.

That's built into my forecast based on those commitment levels.

Really you talked about the conversion of customers that are going overcommit.

I've removed anything thats related to usage over the minimum commitments and feel very confident with those numbers provided.

And I'm just curious like what are you seeing from the customers that you move on to new contracts like are they continuing to ramp up their consumption. How has that played out versus your expectations.

Your next question comes from the line of Miller jumped with Truest. Your line is open. Please go ahead.

Yes. Thank you, Matt I'll start well first what we see is what we reported in the past and we see it still.

Hey, Thank you for taking the questions and congratulations on the strong results.

Yeah, So performing maybe for a couple of quarters now we've heard about the demand for hybrid solutions correlated with AI I'm just trying to reconcile this with the clear momentum that youre seeing in cloud like is this something that youre seeing shift the pipeline composition right now and then if I could ask one for Ed as well throughout this year and maybe the last two quarter.

In our pipeline there are some big deals that.

Bulk of them include cloud migration, so we hear from our customers that they need more certainty before they double down on the cloud and go there with the entire AI workloads that is currently being built so for sure. The fitful purpose that we reported in the past is still relevant.

Really you talked about the conversion of customers that are going overcommit.

But you also know that part of our guidance philosophy. These deals are being derisked from from our pipeline.

Shlomi Haim: Obviously, Hugging Face is scaling up. This is the open-source model hub for AI models, but also languages that support AI development like Python with PyPI, NPM, Docker containers for distribution of models. All of them are aligned, correlated, and growing together. It's still too early for us to say that this trend is actually going to lead to a higher consumption in the future, but it's very encouraging to see that our customers are using JFrog as the system of records for all packages, including AI models, and that obviously drives the higher consumption, as we reported. Your next question comes from the line of Kingsley Crane with Canaccord. Your line is open. Please go ahead. Hey, thanks for taking the question. Really encouraging results. For Shlomi, the demo of JFrog Fly was really impressive at Swamp Up. The MCP capabilities are nice to see as well.

And we are being very cautious with.

Yes. Thank you, Matt I'll start well first what we see is what we reported in the past and we see it still.

Kind of hanging the expectations high.

When it comes to cloud migration and cloud consumption in terms of the consumption as I answered before to <unk> question, we see more software packages that are related to the well being to us and still we want to make sure that this is a new behavior and not just that.

In our pipeline there are some big deals that.

Bulk of them include cloud migration.

So we hear from our customers that they need more certainty before they double down on the cloud and go there with the entire AI workloads that is currently being built so for sure. The fitful purpose that we reported in the past is still relevant but you also know that as part of our guide.

Rent that will pass.

People will decide whether they go with cloud or on Prem.

Regarding what we see from the behavior of those customers that are above minimum commitments that.

This philosophy these deals are being derisked from from our pipeline.

Go to a higher annual commitment, it's still not easy to do this in the sales team has done a good job that strategic strategically aligned with our philosophy budgets are still not fully aligned there yet but for those customers. They are now secure and it gives us that confidence to flex up and down. So we continue to see strong usage across the board, especially in Q.

And we are being very cautious with.

Kind of hanging the expectations high.

When it comes to cloud migration and cloud consumption in terms of the consumption as I answered before to <unk> question, we see more software packages that are related to the well being used and still we want to make sure that this is a new behavior and not just the three.

Three but we also know heading into Q4, it's a seasonably slower quarter due to the holiday. So that's also something that we take into consideration.

Shlomi Haim: It got me thinking. AI is changing how consumers interact with technology. It's leading many companies to rethink their UI, their UX. How relevant is that for JFrog, and is that something that you're thinking about? Yes, thank you, Kingsley. The JFrog Fly release is a disruption to the entire software supply chain system of record. We understand that software in the future will be created not just by developers, but also by agents. Therefore, whatever repository you want to build must come with agentic capabilities. This is what we wanted first, to have a JFrog Fly. The second thing, based on our research with thousands of developers, was that developers want to be focused on what they need to be focused on: create software, deliver software with trust, fast, and rapidly. JFrog Flies provide that.

Your next question comes from the line of Brian Essex with J P. Morgan. Your line is open. Please go ahead.

That will pass.

People will decide whether they go with cloud or on Prem.

Hi, Good afternoon. Thank you for taking my question and congrats from me as well and these results are really nice to see the acceleration.

Regarding what we see from the behavior of those customers that are above minimum commitments that.

Maybe maybe for Shlomi.

Could you any any way to quantify what kind of lift you get in the quarter you've had in the quarter from conversions to.

To cloud.

And maybe what percentage of your customer base.

Is kind of remaining to convert.

Yes. So we are not disclosing this number Brian but what I can tell you that if you look at the report of the over 1 million customers.

Three but we also know heading into Q4, it's a seasonably slower quarter due to the holiday. So that's also something that we take into consideration.

We have now 71, that's a growth of 54% it will be here.

Your next question comes from the line of Brian Essex with J P. Morgan. Your line is open. Please go ahead.

I can say that the majority of them.

Shlomi Haim: Instead of taking it feature by feature within Artifactory, we thought that what we will do better is to build a full agentic experience for our users, reimagining how software supply chain will look like, and then slowly bring those capabilities into the JFrog platform. Obviously, the enterprise market will adopt it one by one, feature by feature. The community and small team can run faster. That's the idea behind Fly, and we are very excited to see how the market reacts to it. Your next question comes from the line of Koji Ikeda with Bank of America. Your line is open. Please go ahead. Yeah, hey guys, thanks so much for taking the questions. I wanted to ask on NRR and maybe pick on the metric just a little bit because it was flat at 118%.

We're not just.

Hi, good afternoon, and thank you for taking my question and congrats from me as well and these results are really nice to see the acceleration.

Using a small.

Platform capabilities, but also use it in the cloud.

Maybe maybe for Shlomi.

While we are not disclosing it to cloud for sure was a strong growth engine for the company.

Could you any any way to quantify what kind of lift you get in the quarter you had in the quarter from conversions to.

Your next question comes from the line of <unk> Bari with Baird. Your line is open. Please go ahead.

Cloud.

And maybe what percentage of your customer base.

Is kind of remaining to convert.

Yes, Thanks, a lot for taking my question so.

Yeah.

Yes. So we are not disclosing this number Brian but what I can tell you that if you look at the report of the over 1 million customers.

Definitely securing the software supply chain far for AI models contains packages it sounds like a critical pain point right now.

Just wanted to hear your thoughts on.

We have now 71, that's a growth of 54% it will be here.

What do you think about customers.

Truly allocating new budgets towards this and just the sustainability of these budgets.

I can say that the majority of them.

We're not just.

Using a small.

Our thing, it's getting bundled into existing downside comps and you are gaining from consolidation you did note. Many attacks like the recent N P M and pipe I transfer the product like duration, just just curious how okay.

Platform capabilities, but also use it in the cloud.

While we are not disclosing it to cloud for sure was a strong growth engine for the company.

Shlomi Haim: When I look at the cloud growth, that's really, really strong. Just knowing that NRR is calculated on a trailing 12-month metric, on a 12-month basis, that just really means that there's some new customers that are growing very fast. Is that the right interpretation on kind of looking at NRR versus the cloud performance? If that is true, how sustainable is that growth from these new customers going forward? Thank you, Koji. I'll stop, and Ed, feel free to chime in. MRR represents a tier of customers that are not committed to an annual. NDR. NDR. Oh, sorry. Let me go ahead and jump in here on the NDR. First off, let me remind you that we had three of the largest customers close during Q3 of last year. We're building off of that. It's a trailing 12-month metric.

Your next question comes from the line of <unk> <unk>, sorry with Baird. Your line is open. Please go ahead.

Some of that thinking about the budgets going forward and then a follow up or Ed.

Yes <unk>.

Yes, Thanks, a lot for taking my question so.

That's actually two different questions first of all there is a higher threat on software supply chain because at current the ophthalmic software packages and if you don't cover yourself. There is as I said, it's a matter of when and not the matter of if you will be adapt NPM <unk>.

Definitely securing the software supply chain far for AI models contains packages it sounds like a critical pain point right now.

Just wanted to hear your thoughts on.

What do you think about customers.

Truly allocating new budgets towards this and just the sustainability of these budgets.

Hi, MCP in the past you remember locked <unk>. These are all software packages and attackers are going to there. Because this is binary isn't binary that also the assets that our customers have and the on time, so basically fuel attack from onetime put the binaries, you'll have full access to the software supply chain, that's front and center.

Our thing, it's getting bundled into existing downside comps and you are gaining from consolidation you did not many attacks like the recent and PM and pipe I transfer the product like duration. Just just curious how customers are thinking about the budgets going forward and then I've a follow up on <unk>.

For every system now.

Shlomi Haim: What I said in the beginning of the year, Koji, if you recall, if there was going to be an acceleration in net dollar retention, two things would have to happen. Number one, I want to see an uptake in my security. Number two, I want to see usage over minimum commit in the cloud. Both of those are happening. You start on a trailing 12-month metric with a very strong base off of those three very large deals that were closed at the end of Q3, and we've continued to build on that. We've actually expanded our net dollar retention rate, and we're very happy with where it is as it's stabilized quarter over quarter at 118%. Yeah. Koji, sorry, I heard MRR and the answer about the cloud monthly usage.

And the other question regarding new budget allocated to security in the World of AI I believe the answer is yes, and it's not only the traditional security, but also GLC budgets.

Yeah, sure I think that.

That's actually two different questions first of all there is a higher threat on software supply chain because at current the Optima software packages and if you don't cover yourself there.

Cyber risk organizations are also looking at what happened in terms of governance and regulation a moment before AI fully adopted by the biggest bank in the biggest car manufacturers and the biggest retail companies and the gap between full adoption of AI.

As I said, it's a matter of when and not the matter of if you will.

Will be adapt NPM.

Hi, MCP in the past you remember locked <unk>. These are all software packages and attackers are going there. Because this is binary isn't binary that also the assets that our customers have in their on time, So basically attacked from onetime put the binaries you have full access to the software supply chain, that's front and center.

Due to what we see now is basically.

Cost control security and governance. So for sure there is more budget, there and more attention of system when CIO to make sure that software delivery driven by AI is not putting the company in a risk.

Shlomi Haim: Regarding net dollar retention, we also have to remember that part of the strategy of embedding our security solution into the platform will be a way to also expand our customers with a different persona. Getting our customers expanding with security actually addresses a completely different addressable market. Your next question comes from the line of Mark Cash with Raymond James. Your line is open. Please go ahead. Thank you. Shlomi, if I could start with you, I also want to ask around Fly, but more around if you see Fly opening up new customers or buying centers that you haven't serviced previously, and then what kind of go-to-market plans or tweaks would be required to drive market awareness versus maybe the market mostly thinking about JFrog, more large-scale artifacts.

Paul every system now.

And the other question regarding new budget allocated to security in the World of AI I believe the answer is yes, and it's not only the traditional security, but also GLC budgets.

Could you comment just quickly follow up on <unk>.

Macro events highlight you mentioned <unk>.

Cyber risk organizations are also looking at what happened in terms of governance and regulation of moments before AI fully adopted by the biggest bank in the biggest car manufacturers and the biggest retail companies and the gap between full adoption of AI.

So just in light of the strong Q3.

Traction around security AI.

The guide for Q4, that's up your Margaret you did touch upon it it's coming from a place of Prudence, but.

Just implied is more kind of 'twenty five.

30%.

Due to what we see now is basically.

Is there more prudent is coming from the fat side.

Control security and governance. So for sure there is more budget, there and more attention oxytocin CIO to make sure that software delivery driven by AI is not putting the company in a risk.

That I can comment on on deal timing variability just given the prolonged shutdown.

Yes. Thanks for the question <unk>, there is nothing related to a government shutdown that would change anything in terms of our sentiment going forward. We've managed this year with prudence, we're continuing to manage the year with Prudence Theres a lot of factors that we take into consideration I want to remind you. There is no usage over a minute.

Shlomi Haim: If I could sneak one in for Ed, I mean, you beat by $9 million, raised by an additional $6.5 million. I guess maybe some of that comes with better visibility from RPO, CRPO strength, but still taking a prudent approach you laid out. What are the key drivers that give you confidence to raise by such an amount to be compared to 90 days ago? Thank you, guys. Yeah, I'll start with Fly. This is obviously an opportunity, but it's not our goal. Our goal is to make sure that everything that you have at the JFrog Platform in the future will support both agents and developers as they manage their software supply chain. Why is that important? Because we know that in the future, the way that the engineering team will be structured will be a combination of developers and agents.

A question I would just quickly add.

Follow up on.

Macro events highlight you mentioned meaningful TCE. So just in light of the strong Q3.

Our traction around security AI.

Some commitments in our guide we Derisk for our largest deals is the timing of those deals are still uncertain, but nothing has changed from our previous philosophy.

The guide for Q4, that's up here, Michael you did touch upon it it's coming from a place of Prudence, but.

Just implied.

And we're continuing to use that same philosophy, and our Q4 and fiscal year guidance.

More kind of 'twenty five.

Perfect.

Is there a more prudent is coming from the fab side anything that can comment on on deal timing variability just given the prolonged shutdown.

Your next question comes from the line of <unk> Kidron with Oppenheimer. Your line is open. Please go ahead. Thank you.

Gross guys really impressive maybe a couple for me.

Yes. Thanks for the question <unk>, there's nothing related to a government shutdown that would change anything in terms of our sentiment going forward. We manage this year with prudence, we are continuing to manage the year with prudence Theres a lot of factors that we take into consideration I want to remind you there is no usage over minimum.

And just on this last comment that you made about that you don't guide over the minimum comments can you tell us in the quarter itself this quarter.

Shlomi Haim: It will not be just developers. Software will be made by agents. If you do not provide them, these agents will not have access to your repository, then they will have another system of record. With Fly's success, basically what we see is how we fuel and power the entire JFrog platform. Now, can a small team use Fly and this will be another avenue of revenue generation? Yes, maybe. Our main goal is to make sure that we adopt this agentic experience across the platform. Fly is the North Star of adopting AI experience. Yeah. Regarding the guidance and the confidence that I had moving into Q4, first of all, I only guide on the commitment. I am confident that what I am providing to you.

What was the upside from kind of spillover over the minimum comments.

Yeah, we didn't break that out and we're not willing to provide that information, but if you think about what we've.

Commitments in our guide we Derisk for our largest deals is the timing of those deals are still uncertain, but nothing has changed from our previous philosophy and we're continuing to use that same philosophy, and our Q4 and fiscal year guidance.

We carried over.

Q3 into Q4 sequentially that is the commitment levels anything above that I would consider to be usage over minimum commence okay and then shlomi for you.

Your next question comes from the line of <unk> Kidron with Oppenheimer. Your line is open. Please go ahead, thank you and <unk>.

I mean, clearly you're doing very well I'm kind of wondering internally what percent of your sales force is running above quota for the year.

Congrats guys really impressive maybe a couple for me.

And just on this last comment that you made about maybe.

And as Andy said, that's running at a level that's higher than your normal internal averages I'm just trying to think about.

We don't guide over the minimum comments can you tell us in the quarter itself in this quarter.

What was the upside from kind of spillover over the minimum commenced.

Youre simply finished the year you'd have to start thinking about how do you make tweaks and changes and I was wondering if you have any initial thoughts given the change in the landscape AI. The breadth of your portfolio do you have any initial thoughts on how youre going to Tinker with comp as you go into next year.

Shlomi Haim: Ninety days after the last time I provided to you guidance is the fact that I have the strong commitment. We saw a strong performance during the quarter that's built into my forecast based on those commitment levels. I've removed anything that's related to usage over the minimum commitments and feel very confident with those numbers provided. Your next question comes from the line of Miller Jump with Truist. Your line is open. Please go ahead. Hey, thank you for taking the questions and congratulations on the strong results. Yeah. For Shlomi, maybe for a couple of quarters now, we've heard about the demand for hybrid solutions correlated with AI. I'm just trying to reconcile this with the clear momentum that you're seeing in cloud. Is this something that you're seeing shift the pipeline composition right now?

Yeah, we didn't break that out and we're not willing to provide that information, but if you think about what we've.

We carried over from Q3 into Q4 sequentially that is the commitment levels anything above that I would consider to be usage over minimum commence okay and then slowly for you.

Yes, so obviously, we will not chase some operation on a metric but of course, we're tracking it.

They are.

Very important key cares for the go to market team when it comes to the gold Sanjay and when its security when it as cloud cloud migration AI and ml ops adoption now Dev ops and compliance.

I mean, clearly you're doing very well I'm kind of wondering internally what percent of your sales force is running above quota for the year.

And as Andy said, that's running at a level that's higher than your normal internal averages I'm just trying to think about.

What you can see in the numbers and this is not the first quarter. It's the I think the fifth quarter in at all that we are consistently deliver what we're committed to is that not only the sales team is focused.

Youre a simple finished the year you'd have to start thinking about how do you make tweaks and changes and I was wondering if you have any initial thoughts given the change in the landscape AI. The breadth of your portfolio do you have any initial thoughts on how youre going to Tinker with comp as you go into next year.

Shlomi Haim: If I could ask one for Ed as well, just throughout this year, maybe the last two quarters, really, you've talked about the conversion of customers that are going over commit. I'm just curious, what are you seeing from the customers that move on to new contracts? Are they continuing to ramp up their consumption? How has that played out for your expectations? Thanks. Yeah, thank you, Miller. I'll start. Well, first, what we see is what we reported in the past, and we see it still. In our pipeline, there are some big deals that, part of them include cloud migration. We hear from our customers that they need more certainty before they double down on the cloud and go there with the entire AI workload that is currently being built.

Also.

They use the methodologies of top down enterprise sales things that in the past.

Yes, so obviously, we would not share some operation on a metric but of course, we're tracking it.

Did impact is like three years ago four years ago, when we used to sell to developers there were no expansion and now what you can see now.

They are.

Very important key cares for the go to market team when it comes to the Gulf Sanjay and when its security when it as cloud cloud migration AI and ml ops adoption now Dev ops and compliance.

Not only by the reports of the big numbers all the big companies, but also the entire revenue growth into consistent growth is that.

The team is focus on enterprise sales upmarket no exactly out to expand the platform.

What you can see in the numbers and this is not the first quarter is I think the fifth quarter in a hole that we are consistently deliver what we're committed to is that not only the sales team is focused.

And we are very pleased with the results.

Your next question comes from the line of Brad Reback with Stifel. Your line is open. Please go ahead.

Also.

Great. Thanks, very much let me I'll take the five quarters, one step farther.

They use the methodologies of top down enterprise sales things that in the past.

Shlomi Haim: For sure, the fit for purpose that we reported in the past is still relevant. You also know that part of our guidance philosophy, these deals are being de-risked from our pipeline. We are being very cautious with kind of hanging the expectations high when it comes to cloud migration and cloud consumption. In terms of the consumption, as I answered before to Sanjit’s question, we see more software packages that are related to the AI world being used. Still, we want to make sure that this is a new behavior and not just a trend that will pass when people will decide whether they go with cloud or on-prem. Regarding what we see from the behavior of those customers that are above minimum commitments that go to a higher annual commitment, it's still not easy to do this.

And say that the magnitude of the SaaS beat over those five quarters continues to get bigger so maybe building on <unk> question.

Didn't boxes like three years ago, four years ago, when we used to sell to developers there were no expansion and now what you can see.

Is there any reason why you wouldn't accelerate sales and marketing head count spend as we head into next year to take advantage of all of this opportunity you see.

Not only by the reports of the big numbers all the big companies, but also the entire revenue growth into consistent growth is that.

No reason, we are investing in go to market. We are investing in go to market in a responsible way we want to see that what we deploy.

The team is focused on enterprise says upmarket no exactly out to expand the platform.

And we are very pleased with the results.

Also comes out as Devry ROI for our investment and it's on all front you can see the amount of releases from the product side, but you can also see the alignment on the go to market side when when we delivered the numbers with such a strong beat.

Your next question comes from the line of Brad Reback with Stifel. Your line is open. Please go ahead.

Great. Thanks, very much let me I'll take the five quarters, one step farther.

And say that the magnitude of the SaaS beat over those five quarters continues to get bigger so maybe building on <unk> question.

Your next question comes from the line of Andrew Sherman with TD Cowen. Your line is open. Please go ahead.

Is there any reason why you wouldn't accelerate sales and marketing head count spend as we head into next year to take advantage of all of this opportunity you see.

Shlomi Haim: The sales team has done a good job. That's strategically aligned with our philosophy. Budgets are still not fully aligned there yet. For those customers, they're now secure, and it gives them that confidence to flex up and down. We continue to see strong usage across the board, especially in Q3. We also know heading into Q4, it's a seasonably slower quarter due to the holidays. That's also something that we take into consideration. Your next question comes from the line of Brian Essex with J.P. Morgan Chase. Your line is open. Please go ahead. Hi, good afternoon. Thank you for taking the question, and congrats for me as well on these results. They're really nice to see the acceleration. Maybe for Shlomi, any way to quantify what kind of lift you get in the quarter or you had in the quarter from conversions to cloud.

Great. Thank you.

Shlomi I wanted to ask about the security wins and pipeline and some good color there in the quarter, but for the Q4 pipeline and beyond that how is that tracking how much as a pipeline up what's your confidence in closing some of these big deals at the sales cycle has changed at all.

No reason, we are investing in go to market. We are investing in go to market in a responsible way we want to see that what we deploy.

As the market kind of shaping up competitively for these deals too. Thanks.

Great question.

We see.

A lot of opportunities in our pipeline.

Including security, obviously, Jay for curation. Following the incident of NPM is something that a lot of our customers are asking and inquiring about the sales cycles are longer when it comes to security because no customer comes with zero security coverage. So obviously.

Your next question comes from the line of Andrew Sherman with TD Cowen. Your line is open. Please go ahead.

Great. Thank you.

Shlomi I wanted to ask about the security wins and pipeline and some good color there in the quarter, but for the Q4 pipeline and beyond that how is that tracking how much was that pipeline up what's your confidence in closing some of these big deals of the sales cycle has changed at all.

Shlomi Haim: Maybe what percentage of your customer base is kind of remaining to convert? Yeah. We are not disclosing this number, Brian, but what I can tell you is that if you look at the report of the over $1 million customers, we have now 71. That's a growth of 54% over here. I can say that the majority of them were not just using more platform capabilities, but also used it in the cloud. While we are not disclosing it, the cloud for sure is a strong growth engine for the company. Your next question comes from the line of Shrenik Kothari with Baird. Your line is open. Please go ahead. Yeah. Thanks a lot for taking my question. Shlomi, definitely securing the software supply chain for AI models, continuous packages, sounds like a critical pain point right now.

It's not just a matter of.

Upgrading themselves, but also displacing something that they use and the bad.

So the answer regarding the pipeline is growing and we are very pleased with what we see there. It's also to remind you. It's only part of our enterprise X and enterprise SaaS subscription so sometimes it also drive an upgrade.

As the market kind of shaping up competitively for these deals too. Thanks.

Great question.

We see.

A lot of opportunities in our pipeline, including security obviously, Jay for curation. Following the incident. The MTN is something that a lot of our customers are asking and enquiring about the sales cycles are longer when it comes to security because no customer comes.

In the subscription and.

Third to our methodology when it comes to Mega deals in.

In the water platform that also includes security we are de risking is to make sure that we are not missing a quarter because the customer need a bit more time.

Zero security coverage. So obviously, it's not just a matter of.

To conclude.

Conclude the proof of concept overall, the sales cycles are a bit longer but not massively longer I would say three quarters and average sometimes its full quarter really depend on how many persona are involved and what do you need to.

Upgrading themselves, but also displacing something that they're using the bat.

Shlomi Haim: I just wanted to hear your thoughts on what do you think about customers kind of truly allocating new budgets towards this and just the sustainability of these budgets? Are you saying it's getting bundled into existing DevSecOps and you are gaining from consolidation? You did note many attacks like the recent NPM and PyPI threats that are thwarted by curation. Just curious how customers are thinking about the budgets going forward. I'd follow for Ed. Yeah, Shrenik, that's actually two different questions. First of all, there is a higher threat on software supply chain because hackers are after your software packages. If you don't cover yourself there, as I said, it's a matter of when and not a matter of if you will be attacked.

What do you need to adopt from April.

Your next question comes from the line of Jason <unk> with Keybanc. Your line is open. Please go ahead hey.

In the subscription and.

Food to our methodology when it comes to Mega deals in.

Great. Thanks for fitting me in and really wonderful quarter.

The two wins you talked about that I thought were interesting.

The award of a platform that also includes security. We are de risking is to make sure that we're not missing a quarter because the customer need a bit more time.

<unk> U K customs customer and in the U S Federal agency.

Did these deals directly benefit from the launch of Amtrust I'm, just trying to understand how amtrust in the government opportunity.

To conclude.

Conclude the proof of concept overall, the sales cycles are a bit longer but not massively longer I would say three quarters and average sometimes it's.

My plans are catalyst. Thank you.

Yes.

Well, it's really a big win.

Third quarter really depend on how many persona are in.

And obviously it was an RFP so not only <unk> compete although this opportunity and we are very proud of the team that delivered that by the way a very long process, obviously in front of the government.

And what do you need to.

What you need to adopt from April.

Shlomi Haim: NPM, PyPI, MCP, in the past, you remember Log4j, these are all software packages, and attackers are going there because this is binaries, and binaries are also the asset that our customers have in the runtime. Basically, if you are attacked from runtime through the binaries, you have full access to the software supply chain. That's front and center for every CISO now. The other question regarding new budgets allocated to security in the world of AI, I believe the answer is yes. It's not only the traditional security, but also GLC budgets. Cyber risk organizations are also looking at what happened in terms of governance and regulation a moment before AI is fully adopted by the biggest bank, the biggest car manufacturers, and the biggest retail companies. The gap between full adoption of AI to what we see now is basically.

Your next question comes from the line of Jason <unk> with Keybanc. Your line is open. Please go ahead.

<unk> is not yet included US was just announced last months few weeks, our baby products, we announced that together with service now we are building the pipeline for opera and the bad golf Ops landscape governance is something that we know that we'll get even more.

Great. Thanks for fitting me in and really wonderful quarter.

<unk>.

Two when you talked about that I thought were interesting so the the.

<unk> U K customs customer in the U S Federal agency.

Did these deals directly benefit from the launch of Amtrust I'm just trying to.

And how have trust in the government opportunity.

<unk>.

Demanding when AI will fit in so not yet, but I will ask for something that you didn't ask there is room to grow with all of our customers want us in.

My plans are catalyst. Thank you.

Yes.

Well, it's really a big win.

And obviously it was an RFP so not only Jay for compete over this opportunity and we are very proud of the team that delivered that by the way a very long process, obviously in front of the government.

Your next question comes from the line of Emon Cofflin with Barclays. Your line is open. Please go ahead.

Hey, guys. Thanks for taking the question I would reiterate congrats on a great quarter.

<unk> is not yet included US was just announced last months few weeks, our baby products, we announced that together with service now we are building the pipeline for upfront and the best Golf Ops landscape governance is something that we know that we'll get even more.

Strong enterprise customer adds really stood out in the quarter can you help us understand some of the key drivers. There like are you spending more time engaging with your partner ecosystem is it a function of more mature sales team just curious if theres anything youre doing to adjust a little bit of your sales motion our go to market motion. Thanks.

Shlomi Haim: Trust, control, security, and governance. For sure, there is more budget there and more attention of CISOs and CIOs to make sure that software delivery driven by AI is not putting the company in risk. Okay, Shlomi, just quickly add a follow-up on several events were highlighted. You mentioned meaningful GCV. In light of the strong Q3 and traction around security AI, the guide for Q4 does appear measured. You did touch upon it. It's coming from a place of prudence, but just implied is more kind of 25% to 30%. Is there more prudence coming from the Fed side? Anything that you can comment on deal timing, variability, just given the prolonged shutdown? Yeah. Thanks for the question, Shrenik. There's nothing related to a government shutdown that would change anything in terms of our sentiment going forward. We've managed this year with prudence.

<unk>.

Demanding when AI will fit in so not yet, but I will answer something that you didn't ask there is room to grow with all of our customers want opt us.

Thanks for the question, Yes, we're seeing great traction in the enterprise, especially those customers over a $1 billion, what we see in Shlomi talked about this previously security is becoming a driver of many of those large deals and it's also in the cloud. So we see this expansion of the usage over the minimum commit.

Your next question comes from the line of Gigamon Cofflin with Barclays. Your line is open. Please go ahead.

And expanding to a bigger commitments taking security on top of that that drove many of the deals that we saw 10 customers that we had over a $1 million during the quarter, 54% growth.

Hey, guys. Thanks for taking the question I would reiterate congrats on a great quarter.

The efforts of the go to market team and it's really.

Three or four year investment that we made and we're starting to see the fruits of those labor.

Your next question comes from the line of Jonathan <unk> with Cantor. Your line is open. Please go ahead.

Thanks for the question, Yes, we're seeing great traction in the enterprise, especially those customers over $1 billion, what we see in Shlomi talked about this previously security is becoming a driver of many of those large deals and it's also in the cloud. So we see this expansion of the usage over the minimum commit and expanding to a bigger commitments.

Yeah, Hey, guys congrats on the performance.

Curious so last week opening AI announced a private.

Shlomi Haim: We're continuing to manage the year with prudence. There are a lot of factors that we take into consideration. I want to remind you there is no usage over minimum commitments in our guide. We de-risk for our largest deals as the timing of those deals is still uncertain, but nothing has changed from our previous philosophy. We're continuing to use that same philosophy in our Q4 and fiscal year guidance. Your next question comes from the line of Itai Kidron with Oppenheimer. Your line is open. Please go ahead. Thank you. Congrats, guys. Really impressive. Maybe a couple for me. Just on this last comment that you made about that you don't give guide over the minimum commits, can you tell us in the quarter itself, this quarter, what was the upside from kind of spillover over the minimum commits?

Security application called I think it's our embark on it but it seems to differentiate with a L M driven approach to vulnerability detection and remediation.

Taking security on top of that that drove many of the deals that we saw 10 customers that we had over $1 million during the quarter, 54% growth. It's.

I'm curious if you could just talk about how it compares to X rates capabilities, but maybe I think more importantly, the announcement it swap up.

It's the efforts of the go to market team and it's really at.

Three or four year investment that we've made and we're starting to see the fruits of those labor.

Around the genetic remediation capabilities. How do you think is maybe further differentiate <unk> from.

Emerging competition.

Your next question comes from the line of Jonathan <unk> with Cantor. Your line is open. Please go ahead.

Yeah, John well this was a very important announcements coming from open AI and obviously, we saw it and we wont we don't been AI on the on a monthly basis, if not daily basis.

Yeah, Hey, guys congrats on the performance.

I'm curious so last week opening.

I announced a private security.

Security application called I think it's our embark on it but it seems to differentiate with a L M driven approach to vulnerability detection and remediation.

This is great news because it is yet another proof that.

Shlomi Haim: Yeah, we didn't break that out, and we're not willing to provide that information. If you think about what we carried over from Q3 into Q4 sequentially, that is the commitment levels. Anything above that, I would consider to be usage over minimum commits. Okay. Shlomi, for you, clearly, you're doing very well. I'm kind of wondering internally what percent of your sales force is running above quota for the year, and if that's running at a level that's higher than your normal internal averages. I'm just trying to think about your soon-to-finish the year. You have to start thinking about how do you make tweaks and changes.

Human security.

Is it sort of human called creation is being covered by models that basically.

I'm curious if you could just talk about how it compares to X rays capabilities, but maybe I think more importantly, the announcement it swap.

Supporting the philosophy, that's what you need to to investing is to protect your binaries.

Tom.

Around the genetic remediation capabilities. How do you think this may be further differentiate <unk> from.

The announcement for open AI is a solution that replaces static analysis basically.

Emerging competition.

Yeah, John well this was a very important announcement coming from open AI and obviously, we saw it and we wont we don't been AI on a monthly basis, if not daily basis.

God that is created in human language and not binary.

If it will drive something I think it will drive more interest in what we what we bring to the market, which is a complementary solution to protect your entire software supply chain. So yes, LLM can provide youll source code security, it's not binary and that was really from open AI.

This is great news because it is yet another proof that a human security.

Shlomi Haim: I was wondering if you have any initial thoughts, given the change in the landscape, AI, the breadth of your portfolio, if you have any initial thoughts on how you're going to tinker with comp as you go into next year. Yes, Itai. Obviously, we will not share some operational metrics, but of course, we are tracking it. There are very important kickers for the go-to-market team when it comes to the growth engine, when it's security, when it's cloud, cloud migration, AI and MLOps adoption, now DevGovOps, and compliance. What you can see in the numbers, and this is not the first quarter, it's the, I think, the fifth quarter in a row that we are consistently delivering what we are committed to, is that not only the sales team is focused, but also.

Is it solving human called creation is being covered by model that's basically.

Your final question comes from the line of Rob Owens with Piper Sandler. Your line is open. Please go ahead.

Supporting the philosophy, that's what you need to to investing is to protect Youll binaries.

Great. Good afternoon. Thanks for squeezing me in just a couple quick ones for me, where you talked about cloud migration and some of those in the pipeline.

The announcement follow up in AI is a solution that replaces static analysis basically.

Taking the other side of that the customers that arent moving to cloud what are some of the governors or some of the reasons that.

But that is created in human language and not binary.

Theyre not moving to cloud at this point I understand that having a hybrid architectures as part of your value proposition, which is just contemplating that move to cloud and maybe some of them some of the barriers to get to certain customers to move.

If it will drive something I think it will drive more interest in what we what we bring to the market, which is a complementary solution to protect your entire software supply chain. So yes, LLM can provide your <unk> security, but not binaries and that was really from open AI.

Yes, that's a good question Rob.

So assuming that our customers the enterprise big customers moving to the cloud from an on Prem setup means that they had their own projects. They understood. The scope of this project and they wanted to move their workloads to the cloud.

Shlomi Haim: They use the methodologies of top-down enterprise sales, things that in the past we didn't practice like three years ago or four years ago when we used to sell to developers. There were no extensions. Now what you can see, not only by the reports of the big numbers or the big companies, but also the entire revenue growth, and the consistent growth, is that the team is focused on enterprise sales, up market, know exactly how to extend the platform. We are very pleased with the results. Your next question comes from the line of Brad Reback with Stifel. Your line is open. Please go ahead. Great. Thanks very much. Shlomi, I'll take the five quarters one step farther and say the magnitude of the SaaS beat over those five quarters continues to get bigger.

Your final question comes from the line of Rob Owens with Piper Sandler. Your line is open. Please go ahead great. Good afternoon. Thanks for squeezing me in just a couple quick ones for me, where you talked about cloud migration and some of those in the pipeline.

In order to kind of.

A better elasticity for the company now comes AI and to see a new workloads. They don't know how much they will pay for storage. They don't know how much David would pay for data transfer when you. When you train these models, where the data at the <unk> model will be offered that takes a bit more time for them to analyze those things.

Taking the other side of that the customers that arent moving to cloud what are some of the governors or some of the reasons that.

Aside the cost predictability. They also have some security and governance concerns.

Yes, that's a good question Rob.

So assuming that our customers are enterprise big customers moving to the cloud from an on Prem setup means that they had their own projects. They understood. The scope of this project and they wanted to move their workloads to the cloud.

Training this model how this model is being.

Exposed.

What are we doing in order to protect the company from a form of having any type of malicious models coming in and this I think.

Shlomi Haim: Maybe building on Itai's question, is there any reason why you wouldn't accelerate sales and marketing headcount spend as we head into next year to take advantage of all this opportunity you see? No reason. We are investing in go-to-market. We are investing in go-to-market in a responsible way. We want to see that what we deploy also comes out as the right ROI for our investment. It's on all fronts. You can see the amount of releases from the product side, but you can also see the alignment on the go-to-market side when we delivered the numbers with such a strong beat. Your next question comes from the line of Andrew Sherman with TD Cowen. Your line is open. Please go ahead. Great. Thank you. Shlomi, I wanted to ask about the security wins and pipeline. Some good color there in the quarter.

In order to kind of.

Bring them to take a bit more time or at least this is what they tell us they need a bit more time before they fully bet on the cloud like it used to be maybe in a process a year ago two years ago.

A better elasticity for the company now comes AI and to see a new workloads. They don't know how much they will pay full storage. They don't know how much David would pay for data transfer when you. When you train these models, where the data at the <unk> model will be offered that takes a bit more time for them to analyze listening to.

Jay for August positioned to capture the opportunity both ways either they will stay in on Prem customers, and we will support them and grow with them. They're all they will move to the cloud then we will do it.

Aside the cost predictability. They also have some security and governance concerns boost training. This model how this model is being <unk>.

In the cloud with them on the multi cloud basis or one cloud basically the hybrid solution to Jacob provided is the fit for purpose that they add.

Exposed.

What are we doing in order to protect the company from a form of having any type of malicious models coming in and this I think.

There are no further questions at this time I will now turn the call back to Shlomi for closing remarks.

Thank you everyone for joining us on this quarter results in the earning call made the frog be with you take care.

Bring them to take a bit more time or at least this is what they tell us they need a bit more time before they fully bet on the cloud like it used to be maybe in a process a year ago two years ago.

This concludes today's call. Thank you for attending you may now disconnect.

Shlomi Haim: For the Q4 pipeline and beyond that, how is that tracking? How much is that pipeline up? What's your confidence in closing some of these big deals? Have the sales cycles changed at all? How's the market kind of shaping up competitively for these deals too? Thanks. Yeah, great question. We see a lot of opportunities in our pipeline, including security. Obviously, JFrog Curation following the incident of NPM is something that a lot of our customers are asking and inquiring about. The sales cycles are longer when it comes to security because no customer comes with zero security coverage. Obviously, it's not just a matter of upgrading themselves, but also displacing something that they used in the past. The answer regarding the pipeline is growing, and we are very pleased with what we see there.

In the cloud with them on the multi cloud basis or one cloud basically the hybrid solution to Jacob provided is the fit for purpose that they add.

There are no further questions at this time I will now turn the call back to Shlomi for closing remarks.

Thank you everyone for joining us on this quarter results in the earning call made the frog be with you take care.

This concludes today's call. Thank you for attending you may now disconnect.

Shlomi Haim: It's also, to remind you, it's only part of our Enterprise X and Enterprise Plus subscription. Sometimes it also drives an upgrade in the subscription. Through to our methodology, when it comes to mega deals in the world of platforms that also include security, we are de-risking it to make sure that we are not missing a quarter because the customer needs a bit more time to conclude the proof of concept. Overall, the sales cycles are a bit longer, but not massively longer. I would say three quarters in average. Sometimes it's four quarters. Really depends on how many personas are involved in what you need to adopt from JFrog. Your next question comes from the line of Jason Celino with KeyBank. Your line is open. Please go ahead. Hey, great. Thanks for fitting me in, and really wonderful quarter.

Shlomi Haim: The two wins you talked about that I thought were interesting, the one UK customer and then the US federal agency. Did these deals directly benefit from the launch of Uptrust? I'm just trying to understand how Uptrust and the government opportunity might play as a catalyst. Thank you. Yeah, that was really a big win. Obviously, it was an RFP, so not only JFrog competes over this opportunity, and we are very proud of the team that delivered that. By the way, a very long process, obviously in front of the government. Uptrust is not yet included. Uptrust was just announced last month, a few weeks, a baby product. We announced that together with ServiceNow. We are building the pipeline for Uptrust, and the DevGovOps landscape governance is something that we know that will get even more demanding when AI will fit in.

Shlomi Haim: Not yet, but I will answer something that you did not ask. There is room to grow with all of our customers when Uptrust is in. Your next question comes from the line of Iman Koflin with Barclays. Your line is open. Please go ahead. Hey, guys. Thanks for the question. I would really congrats on a great quarter. The strong enterprise customer adds really stood out in the quarter. Can you help us understand some of the key drivers there? Are you spending more time engaging with your partner ecosystem? Is it a function of a more mature sales team? Just curious if there is anything you are doing to adjust a little bit of your sales motion or go-to-market motion. Thanks. Hi, Iman. Thanks for the question. Yeah, we are seeing great traction in the enterprise, especially those customers over a million dollars.

Shlomi Haim: What we see, and Shlomi talked about this previously, security is becoming a driver of many of those large deals, and it's also in the cloud. We see this expansion of the usage over the minimum commit and expanding to a bigger commitment, taking security on top of that. That drove many of the deals that we saw, 10 customers that we had over a million during the quarter, 54% growth. It's the efforts of the go-to-market team, and it's really a three or four-year investment that we made, and we're starting to see the fruits of those labor. Your next question comes from the line of Jonathan Reedhaver with Kantor. Your line is open. Please go ahead. Yeah. Hey, guys. Congrats on the performance. I'm curious. Last week, OpenAI announced a private beta of a security application called, I think it's Ardvark.

Shlomi Haim: It seems to differentiate with an LLM-driven approach to vulnerability detection and remediation. I'm curious if you could just talk about how this compares to Xray's capabilities, but maybe, I think more importantly, the announcement at Swamp Up around agentic remediation capabilities. How do you think this maybe further differentiates you from emerging competition? Yeah, John. Well, this was a very important announcement coming from OpenAI, and obviously, we saw it, and we work with OpenAI on a monthly basis, if not daily basis. This is great news because it's yet another proof that human code creation is being covered by models. That's basically supporting the philosophy that what you need to invest in is to protect your binaries. The announcement from OpenAI is a solution that replaces static code analysis, basically code that is created in human language and not binaries.

Shlomi Haim: If it will drive something, I think it will drive more interest in what we bring to the market, which is a complementary solution to protect your entire software supply chain. Yes, LLM can provide your source code security, but not binaries. That was the release from OpenAI. Your final question comes from the line of Rob Owens with Piper Sandler. Your line is open. Please go ahead. Great. Good afternoon. Thanks for squeezing me in. Just a couple of quick ones for me. Where you talked about cloud migration and some of those in the pipeline, taking the other side of that, the customers that aren't moving to cloud, what are some of the governors or some of the reasons that they're not moving to cloud at this point?

Shlomi Haim: I understand that having a hybrid architecture is part of your value proposition, but just contemplating that move to cloud and maybe some of the. Barriers to get certain customers to move. Yeah, that's a good question, Rob. So assuming that our customers, enterprise, big customers, moving to the cloud from an on-prem setup means that they had their own projects, they understood the scope of this project, and they wanted to move the workload to the cloud. In order to kind of. Provide a better elasticity for the company. Now comes AI, and they see a new workload. They don't know how much they will pay for storage. They don't know how much they will pay for data transfer when you train these models. Where the data that train this model will be hosted, that takes a bit more time for them to analyze.

Shlomi Haim: Putting aside the cost predictability, they also have some security and governance concerns. Who is training this model? How this model is being. Exposed? What are we doing in order to protect the company from. Having any type of malicious models coming in? And this, I think. Brings them to take a bit more time, or at least this is what they tell us. They need a bit more time before they fully bet on the cloud like it used to be maybe in a process a year ago or two years ago. JFrog is positioned to capture the opportunity both ways. Either they will stay in on-prem customers, and we will support them and go with them there, or they will move to the cloud, and we will do it. In the cloud with them on a multi-cloud basis or one cloud.

Shlomi Haim: Basically, the hybrid solution that JFrog provided is the fit for purpose that they asked for. There are no further questions at this time. I will now turn the call back to Shlomi for closing remarks. Thank you, everyone, for joining us on this quarter results and earning call. May the frog be with you. Take care. This concludes today's call. Thank you for attending. You may now disconnect.

Q3 2025 JFrog Ltd Earnings Call

Request a DemoDemo

FROG

JFrog

Earnings