JFrog Ltd.

Q3 2023 Earnings Conference Call

11/1/2023

spk15: Ladies and gentlemen, thank you for joining us, and welcome to JFrog's third quarter 2023 earnings conference call. I'll hand the conference over today to Shanti Eriker, Chief Legal Officer. Shanti, please go ahead.
spk00: Good afternoon, and thank you for joining us as we review JFrog's third quarter 2023 financial results, which were announced following market close today via a press release. Leading the call today will be JFrog's CEO and co-founder, Shlomi Ben-Chayim, and Jacob Schulman, JFrog CFO. During this call, we may make statements related to our business that are forward-looking under federal securities laws and are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements relating to our future financial performance, including our outlook for Q4 and the full year of 2023. The words anticipate, believe, continue, estimate, expend, intend, will, and similar expressions are intended to identify forward-looking statements or similar indications of future expectations. You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today and not as of any subsequent date. Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from these expectations. For a discussion of material risks and other important factors that could affect our actual results, please refer to our Form 10-K for the year ended December 31, 2022, filed with the SEC on February 9, 2023, which is available on the Investor Relations section of our website and the Earnings Press release issued earlier today. Additional information will be made available in our Form 10-Q for the quarter ended September 30, 2023, and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as measures of JFROG's performance, should be considered in addition to, not as a substitute for, or in isolation from, GAAP measures. Please refer to the tables in our earnings release for a reconciliation of those measures to their most directly comparable GAAP financial measures. A replay of this call will be available on the JFROG Investor Relations website for a limited time. With that, I'd like to turn the call over to JFROG CEO, Shlomi Ben-Chaim. Shlomi?
spk06: Thank you, Shanti, for the introduction, and thanks for stepping in today. as we send warm wishes for fast return to health for Jeff Reiner, our VP of Investor Relations. Greetings from Israel. Good afternoon, everyone, and thank you for joining us. On Saturday, October 7, the nation of Israel awoke to a brutal terrorist attack targeting its civilian population. This tragic event resulted in the loss of innocent lives, including children, women, and the elderly. This heartbreaking incident escalated rapidly into an expanded war against the terrorist organization Hamas. A few hours into the situation, JFrog, as a global company with a presence in 10 different countries, activated its business continuity plan comprising three pillars. First, our internal plan to ensure the safety of our employees in Israel and maintaining communication channels. Second, is a technology pillar to ensure continuity of our services, security, cyber defense, and R&D. Finally, we activated the plan for external facing activities to ensure continuity of our customers' engagement, support, and external communication. I'm pleased to report that our operations are running smoothly and our employees are safe and accounted for. Notably, the Council in Israel has not prompted us to change our physical year 2023 business goals that were previously shared with you. We are closely monitoring the situation, but remain confident that the company will meet these targets. We extend our heartfelt condolences to the families who have tragically lost their loved ones. Our thoughts and prayers are with them during these incredibly difficult times. We pray for the safe and fast return of the hostages who have been kidnapped by Hamas, and we hope for the complete recovery of the thousands of individuals who have been injured. With that, I will move to the business. I'm pleased to report that JFrog's third quarter revenue again exceeded our prior guidance, driven by increased cloud consumption, broader adoption of our security solution, and growing enterprise scale adoption of the JFOG Software Supply Chain Platform. Our third quarter revenue was $88.6 million, reflecting 23% year-over-year growth. Cloud usage accelerated in Q3, delivering revenue of $30.6 million, increasing 46% year-over-year. We also exceeded our profitability guidance with a non-GAAP profit of $16.6 million, generating $25.4 million in free cash flow. Customers with ARR over $100,000 grew to 848 compared to 696 in the year-ago period, increasing 22% year-over-year. Customers with ARR over $1 million increased by six companies in the quarter to a total of 30. versus having 18 customers over $1 million in Q3 of last year. This is up 67% compared to the year-ago period. These results reflect the critical importance of the full JFrog Software Supply Chain platform for software development infrastructure, with our three pillars of DevOps, security, and IoT driving strategic customer value. Now, I would like to expand on what made Q3 a strong quarter for JFrog, as our investments continue to bear fruit in accordance with the long-term plans we shared with you at the beginning of the year. First, we continue to see growth in large-scale enterprise adoption of our complete software supply chain platform. Next, our comprehensive integrated software supply chain security and the adoption of our built-in end-to-end technology versus built-on legacy point solution scanners. Third, our cloud goals and marketplace channels driven by our strategic sales team and through our cloud partnerships. And finally, JFrog's expansion into machine learning operations and AI solutions. I'll start with the goals in large-scale enterprise platform adoption. With increasing demands for delivering speed and the need for scalability and regulatory compliance, we are seeing more of our enterprise customers consolidating tools into a comprehensive platform. As an example, one of the largest telecommunication providers in the United States, with millions of global users, migrated away from a competitive self-hosted solution to the JFrog platform in Q3 with an eight-figure multi-year new business deal to standardize their operation and modernize their DevOps and DevSecOps practices in the cloud. They selected the JFrog platform's end-to-end capabilities, allowing them to build faster using JFrog Artifactory as a single source of record with high availability and efficient redundancy across their entire software development lifecycle. They further noted and need to deliver more robust policy management capabilities at scale and bring comprehensive security to the complete pipeline processes. We look forward to partnering with these customers to achieve the goals of on-prem to cloud migration, developer experience upgrades, high availability, universal binary management, and a comprehensive software supply chain security implementation. This use case reflects a growing trend of enterprise-wide adoption of the JFOG platform and long-term standardization on JFOG DevSecOps technologies. At our recent user conference, SwampUP, customer speakers from global companies such as Fidelity, Netflix, Capital One, and eBay, just to name a few, all reflected a common trend. A single source of record of your software supply chain required complete management and control of binaries. A platform that is binary centric from end to end is the only way to automate and secure with speed. On that note, I would like to address adoption of our holistic security solutions and the customer trend of tooling consolidation. It's a fact that the software supply chain flow is the flow of binaries, meaning through security can only be achieved with complete control of both binary release cycle as well as binary contents, dependencies, and metadata. JFrog continues to deliver security solutions into the market that are aligned with new attack threats and consolidations of point solution under one vendor. For example, JFrog curation, released in July and keynoted at our SwampUp conference, addresses the real pain of the enterprise around the secure consumption of open source technologies coming from public repositories. In addition, the new release of JFrog catalog provides a listing of over 4 million third-party software packages stored in public repositories, solidifying JFrog as a single source of truth for the holistic secure management of software packages. While companies' blind spot may be the security of open source and third-party packages, binaries are also built by in-house developers writing first-party code. To achieve end-to-end security coverage, JFrog is taking the security of software releases a step further to the left with the general availability of code scanning capabilities, often known as Static Application Security Testing, or SAFT. With these announcements in Q3, JFrog is the first solution in the industry to deliver end-to-end software supply chain security, providing customers complete coverage from code to production. JFrog code scanning with the new SaaS solution protects first-party code. JFrog Curation protects companies from unwanted third-party packages from entering their organizations. And JFrog Catalog provides metadata and augmented information about the company's binaries. Together with JFrog X-Ray and Advanced Security for secret detection and contextual analysis, JFrog is the only company that delivers complete security solution with a binary-centric approach. Combined with Artifactory, the leading binary repository, JFog provides a complete DevSecOps solution for your software supply chain. This end-to-end security approach continues to gain traction across verticals. For example, one of the world's largest biotech companies recently adopted our entire security offering on the JFog platform, looking to consolidate point solutions They saw the value of having software supply chain security integrated with their binary management system. We look forward to helping them address their software supply chain security needs holistically. As they tell us, they intend to migrate away from point solutions such as MEND in their tool stack. In another highly regulated industry, a nuclear security group within the United States Department of Energy recently acquired the JFOG platform to improve their software supply chain security posture. One of the cybersecurity specialists in the Nevada National Security Site Team, Brian Walkman, noted, a software supply chain platform is necessary for a practical means to meet certain governmental and standards requirements. More importantly, security at all stages of the software development lifecycle is necessary for national security interest. Our response is, JFrog does that, end quote. Next, I would like to address growth in cloud adoption, marketplace channel growth, and our strategic sales motions. The expansion in the number of our over $1 million ARR customers this quarter demonstrate the continuing focus of our strategic sales team on driving large-scale software supply chain platform implementation with the key partnership of the major cloud providers. For example, one of the world's largest cloud computing and virtualization technology companies came to JFrog looking to implement their DevOps and DevSecOps cloud-first strategy. First looking to host JFrog platform services themselves in the cloud, they rapidly realized they would greatly lower their total cost of ownership due to the lower maintenance and infrastructure costs that would be safe by utilizing JFrog cloud services. With nearly 3,000 developers, this company is working with JFrog to provide a complete end-to-end platform implementation, which they acquired through the Microsoft Azure Marketplace through our strategic sales and partner teams. We believe our long-term investment in this top-down enterprise sales approach, driven by our strategic team, will continue to provide the North Star for JFrog's top-shelf customers' growth. Finally, regarding AI and machine learning, we were proud to announce the availability of DevOps and DevSecOps industry-first support for machine learning model management in the JFrog platform in late Q3. As Katie Norton, senior research analyst for DevOps at IDC, noted in her SwampUP report, quote, the ML model management capabilities expand the JFrog platform into an entirely new space and persona. A single system of record that can help automate ML models development, ongoing management, and security alongside all other components packaged into an application offers a compelling alternative. End quote. Just as we provided common ground for developers and IT engineers years ago when DevOps started, JFrog now has the opportunity to bring the world of AI and MLOps into the world of DevOps and DevSecOps. Just as companies increasingly placed the demand on development teams to support security, they are now pressuring DevOps teams to deliver machine learning and AI capabilities in line with their applications. JFrog now provides a platform for binary management for developers, data scientists, machine learning engineers, and the machine themselves. As keynoted at SwampUP, JFrog is the first and only repository manager to proxy the most popular public AI and ML model repository, Hugging Face. We are also the first solution embedding security for ML models to scan models before they are used. Artifactory now natively supports AI models within the JFrog platform to manage and deliver ML capabilities alongside all other binaries within an organization. The AI supply chain is a software supply chain, and we are proud to be addressing this demand on developers. With that, I will turn the call over to our CFO, Jacob Shulman, who will provide an in-depth recap of Q3 financial results, as well as update you on our guidance for Q4 and for fiscal year 2023. Jacob.
spk07: Thank you, Shlomi, and good afternoon, everyone. During the third quarter, total revenues were $88.6 million, up 23% year over year. Our stronger than expected revenues in the quarter were driven by continued strength in our cloud business and expansion of large customers on the JFrog software supply chain platform. In the third quarter of 2023, our cloud business saw sequential expansion in customer usage, equaling revenues of $30.6 million, up 46% year over year. We're happy to see the acceleration in our cloud business growth, driven by continued increase in cloud usage and better collaboration with public clouds to enable large customers on their marketplaces. We reiterate our baseline cloud growth rate of mid 40s during fiscal year 2023. Self-managed revenues or on-prem were $58 million up 14% year-over-year during the quarter. We continue to see that our customers' roadmaps and plans are focused on SaaS migration, and therefore they do not expand their on-prem footprint at the same pace as in prior years. We continue to believe that our security solutions can be a potential catalyst to re-accelerate revenue growth and customer expansion within our self-hosted business. Net dollar retention for the four trailing quarters was 119%, a decline of one point sequentially. As predicted, NDR is stabilizing, and we continue to expect our net dollar retention rate for the year to be at these levels. Our gross retention continues to be 97%, with no change in overall customer return trends. In Q3, 46% of total revenue came from Enterprise Plus subscription, up from 39% in Q3 of 2022. Revenue from Enterprise Plus subscription grew 46% year over year. Now let me discuss our income statement in more detail. Gross profit in the quarter was $74.1 million, representing a gross margin of 83.7%. up by 10 basis points from the second quarter, as economies of scale and cost control offset higher cloud revenue contribution. Operating expenses for the third quarter was $62.3 million, up by $100,000 sequentially, equaling 70.2% of revenues, compared with $59.4 million, or 82.5% of revenues in the year-ago period. During the third quarter, we continued to remain focused on expense discipline while investing in scaling our enterprise sales and channel partner teams and introducing multiple new products. Our operating profits in Q3 was $11.9 million, or at 13.4% operating margin, compared to an operating income of $1.2 million or 1.7% operating margin in the prior year as we continue to execute toward increased profitability as suggested in our long-term model. Third quarter net income equaled $16.6 million or 15 cents per diluted share based on 110 million diluted shares outstanding versus a year ago net profit of $1.8 million or income of 2 cents per diluted share. Turning to the balance sheet and cash flow, we ended the September quarter with $502 million in cash and short-term investments, up from $443 million as of December 31, 2022. Cash flow from operations was a record $26 million in the quarter. After taking into consideration CAPEX, free cash flow was $25.4 million, generating a 28.6 free cash flow margin. A strong free cash flow margin is driven by better than expected profitability and strong collection from our customers. We increased our expectations for free cash flow margin in fiscal 2023 and now believe we'll be able to achieve 15 to 16% free cash flow margin. As of September 30th, 2023, our remaining performance obligation totaled $235.1 million. Now, I'd like to speak about our guidance for the fourth quarter and full year 2023. For Q4, we expect revenue to be between $92.5 million to $93.5 million, with non-GAAP operating profit between $10 to $11 million, and non-GAAP earnings per diluted share of 12 to 13 cents, assuming a share count of approximately 111 million shares. For the full year 2023, We anticipate total revenues in the range between $345.1 million and $346.1 million. Non-GAAP operating income is expected to be between $32.8 million and $33.8 million. And non-GAAP earnings per diluted share of 44 to 45 cents, assuming a share count of approximately 109 million shares. Now let me turn the call back to Shlomi for some closing remarks Before we take your questions, Shlomi.
spk06: Thank you, Jacob. We believe that Q3's strong results showcase the alignment with our long-term strategic growth plans as we continue to meet technology and business goals. To JFrog's tireless global team, thank you for your focus, solidarity, passion, and execution. Q3 is a testament to our resilience. I'm excited to welcome Ed Grabscheid as our new CFO beginning January 1st, 2024. Ed brings vast experience prior to his time at JFrog and in the past four years as part of our finance leadership. Ed, we are confident that your leadership will continue to drive JFrog's success. From here, I would like to send our CFO, Jacob Schulman, the best of wishes on his next journey. While you will be with us through the end of this year, I'll take the opportunity now to thank you, Jacob, for the years of friendship and partnership. You will always be a Frog. I would also like to congratulate Orit Goren, who was recently appointed as our Chief Sustainability Officer, highlighting JFrog's commitment to maintaining and driving responsible business. After many years as our Chief Operation Officer, I want to thank you, Orit, for taking on this very important role. In closing, our thoughts and prayers continue to be with the families affected by the brutality of the terror on Israel. Israel, like JFrog, is strong and will prevail. We hope for peaceful and secure days ahead. With that, thank you all for joining us for our Q3 earnings call, and may the Frog be with you. Now, we will be happy to take your questions. Operator?
spk15: Thank you so much. And at this time, I would like to remind everyone that in order to ask a question, press star and the number one on your telephone keypad. Once again, star and the number one. And in the interest of time, we ask only one question per caller. Thank you in advance for understanding. And we will take a moment to compile the Q&A roster. Please stand by. Okay, looks like our first caller is from Pinjalambora from JP Morgan. Go ahead, please.
spk02: Hey, guys. This is Noah on for Pinjal. I'm glad to hear everyone is staying safe. And congrats, Jacob. It's been great working with you and looking forward to working with you as well. Can you maybe just walk us through what you're seeing in terms of the cloud optimizations at this point and any other incremental coverage to provide on what drove the acceleration of cloud revenue growth? Thanks.
spk07: Yes, I know. So the trend that we see in Q3 continues the positive momentum on cloud usage. As you can see, our revenues accelerated, driven primarily by usage of our large customers and growth of our large customers and marketplaces. So that's very positive. We continue to see that migrations while accelerated a bit from prior quarter, still below prior year levels. And the overall adoption of our Enterprise Plus platform solution on marketplaces continues to drive our cloud revenues, and that's the reason for acceleration in the cloud and the quarter.
spk15: Okay, thank you so much. Next, we have a Question from Koji Ikeda, B of A Securities. Koji, go ahead.
spk10: Yeah, hi, thank you. Thanks for taking the questions. Just wanted to follow up on the cloud growth, the strong growth there. And Jacob, you just mentioned the migrations. But earlier in your prepared remarks, you were also talking about advanced security and its availability within the self-managed portion that could help re-accelerate that segment of the revenue mix. Just trying to think of the puts and takes here, thinking out into the future of how we should be thinking about overall migration as a SaaS revenue driver, but also the advanced security, which either could help stabilize or maybe even accelerate the self-managed piece. And we could start seeing that in that piece of the revenue. Thanks, guys.
spk06: Hi, Koji, and thank you for the question. This is Shlomi. I'll take this one. I think that what we see in the cloud and the growth, the 46% overall growth, is also a result of our strategic enterprise sales team together with our partner team. We discussed that earlier this year, the investment that we have done there. This team is focusing on not only migrating customers from self-hosted to the cloud or bring new logos to the cloud, This team is also focusing on looking holistically at the DevOps and DevSecOps requirements of our customers. Therefore, advanced security, curation, and the new capabilities that we announced recently at SwampUp and before are also included. We spoke about one of the biggest telecommunications in North America that just migrated to the cloud together with Dayfrog. This company also adopted JPEG advanced security with a meaningful part of the subscription. The other company which was discussed, the nuclear security company, also adopted the full platform together with security. So we see some kind of a movement, not only to have a DevOps end-to-end software supply chain solution, but also to have a comprehensive solution built-in security within the platform rather than using point solution.
spk15: Okay, thank you so much. Once again, a reminder, folks, star one on your touchtone phone if you'd like to ask a question. Once again, star one. All right, our next question is from Sanjit Singh with Morgan Stanley. Sanjit, please go ahead.
spk04: Hi, Oscar Saavedra. Go ahead with your question.
spk05: Hello, can you hear me?
spk04: Yes, we can hear you. Go ahead.
spk05: Okay, sorry. Yeah, it's nice to hear about your investing in southern marketing to drive adoption in the large enterprise, but if we look at the last couple quarters, that as a percentage of revenue has sort of lowered. How should we think about that? Is your plan to increase your headcount in that department, or do you think at this point you have the needed sales force to drive that adoption?
spk07: Thank you. Yes, sure. So over the past years, we've made significant investments into our go-to-market capabilities. A few years back, we started building our enterprise sales team, strategic sales team. Then last year, we started building our partnership and channel team. So we continue to make investments and we build security overlay and some additional capabilities on holistic top-down approach to go-to-market approach. So those investments started bearing fruit, and that's why we see that S&M investment as a percent of revenue becoming more scalable and we see more leverage. We'll definitely continue to invest in those capabilities. And we'll continue to grow our sales and marketing expenses in absolute dollars. But in the long term, as predicted in our long-term model, we expect to see more leverage. And therefore, the percent of revenue of these expenses will continue to go down in the long term.
spk15: Okay. Thank you very much. Next, we have a question from Miller Jump with Truist & Company. Go ahead, Miller.
spk03: hey thank you for taking the question and congrats on the strong results um i guess i was just curious could you talk about maybe the advanced uh or excuse me the opportunity you see for advanced security and curation this year going into the fourth quarter given the concentration of renewals there and just any color you could give on what you're baking into guidance for that thanks
spk06: Yes, thank you for this question. As we guided the market, we announced JPEG Advanced Security earlier this year. It's a set of six capabilities that are added to the platform. Just last quarter, we announced Curation, which is an additional product that protects the organization from the get-go. We We think that what we see here is an adoption of a consolidated security solution, which will become material in the next year. And this is how we guided the market. Currently, we are very pleased with the adoption. Tens of customers that already adopted this as part of the platform usage. The security additions will become material in the next year.
spk15: Okay, thanks so much. Next, we have a question from Kingsley Crane with Canaccord Genuity Corporation. Kingsley, go ahead.
spk01: Hi, thanks for taking the question. So at SwampUp, Peter, you mentioned that the products you were releasing were thematically consistent with the growth drivers of cloud and security, so they kind of fit nicely in with the long-term model of 30% plus growth. So as we move forward, how much of that how much of your existing product portfolio can contribute to that growth figure? Or in other words, how much more products do we need to be released in order to hit that target?
spk06: Thank you, Kingsley. What we announced in SwampUp was part of our roadmap. We announced several tools that support the full software supply chain platform play that we implement in the market. JFOG Advanced Security comes first, then JFOG Curation and Catalog, which was announced and keynoted in SwampUP. We are also planning to have some security capabilities on the runtime, so shifting right. We added static analysis security on the left to secure your code. And by that, we provide an end-to-end security solution. On top of that, We also announced the AI and ML Ops capabilities as part of the platform, natively supporting security scanning for ML models and storage of ML models in Artifactory. If you look at the global picture altogether, J4C platform today provides a full end-to-end solution for DevOps and DevSecOps from code to production. And in the next few quarters, we already have items in our roadmap to complete even further right to what we discussed.
spk07: And if I may add to that, so when we released our long-term model, we already had this new product either at the market, launched in the market, or just about to be launched in the market. So we definitely took those products into account when we released and shared our long-term targets with you.
spk15: Okay, thank you both. One more reminder, star one on your touchtone phone if you'd like to ask a question. And our next caller is Atai Kidron with Oppenheimer. Please go ahead.
spk09: Thank you, and Shlomi, our thoughts with you and the whole team in Israel, of course. Shlomi, I wanted to make sure I understand the security. Can customers buy your security solutions without artifacts, or that's still not a possibility? So, When will that happen? And then maybe for you, Jacob, on the expansion rate with all the new product coming along and clearly with this better execution on the upsell and attraction of $1 million customers, how should we think about net dollar expansion rate here going forward for the next couple of quarters?
spk06: Hi, Ty. What we see as reported is that our net dollar retention is stabilized around 120, 119, as predicted and as guided. In the self-hosted solution, since our security solution is based on a perfect model on top of the platform, we look to see some acceleration there. though our strategy is very focused on the cloud and the cloud migration, and there as well, security will be a strong driver to support the net dollar retention guidance that we provided. Security in both cases, both deployment environment, cloud and self-hosted, is based on by developers and not only by consumption. So we think it will support the net dollar retention and it will be aligned with our guidance.
spk07: Yes, it is. And it's obviously too soon for us to provide the guidance for 2024.
spk09: Okay, but just to make sure I understand, can I buy your security, advanced security and curation without buying artifacts?
spk06: No. Currently, security, our solution security is part of the platform coming with the arctic factory and x-ray. In the future, we may consider to have it as a standalone solution. Currently, it's a full solution coming with the platform.
spk09: Appreciate it. Thank you.
spk15: Thank you. And our next caller is Brad Reback from Stifle. Brad, go ahead.
spk14: Great. Thanks very much. Shlomi, as we think about sort of the emergence of AI and ML, large language models. How does that play to help accelerate usage of the cloud artifactory? Thanks.
spk06: Yes, greetings, Brad. AI and ML ops, these are technologies that are being adapted rapidly by all organizations and also the enterprise are looking into it. As you are familiar with our portfolio, The majority of our customers are enterprise customers with thousands of developers. And to be frank with you, most of them are trying to first kind of put down the playbooks and the regulation of how you use AI, how you secure AI, how you automate it, and how you become more efficient with it before you let machine code and build binaries and distribute it for you. So we planted the seeds. JFOG is the first and only company in the world that practically provide AI solutions for our customers. We planted the seed not only for DevOps, but also for security. Artifactory natively proxy Hugging Face, the public repository, and X-Ray automatically scan all ML models before they are getting into the system to the software supply chain. With the rapid growth and rapid adoption of AI and MLOps, we believe that this will be just another practice for the JFOG user and will accelerate the adoption of our platform, will put us in a very good position in terms of competition that might come up in the future, and will serve our customers and community better with the universality that we provide. Currently, it's too early to say how will this impact the long-term model.
spk14: That's great.
spk15: Thanks very much. Thank you. And our next caller is Jonathan Rookhaver from Cantor Fitzgerald. Jonathan, go ahead.
spk11: Yeah, thank you. So, Shlomi, an interesting point that has come up in discussions we've had with JFROC customers is around the automation that Artifactory brings to third-party CICD solutions. And specifically the significant reduction in build time and cost savings. Can you just comment on that dynamic, how important it might be when you look at new lands? And also, what is the implication to pipelines? Is pipelines less of an opportunity, just given how well you work with other CICD tools?
spk06: Thanks for this question, John. JFrog Artifactory and JFrog Platform overall is uh is based on an open rest api working with all the major cicd tools in the market we are natively supporting github action jenkins gitlab cicd circle ci and obviously others um it's uh it's also mandatory for everyone who use ci to use the binary repository because the moment you use ci on top of your source code repository you create a binary and then the deployment into Artifactory and pulling out from Artifactory by CICD and automating the full software supply chain is being made in and out from Artifactory. Regarding JFrog Pipeline, JFrog Pipeline is accelerating the automation of the JFrog platform, integrates with all the CICD tools, and helps you promote binaries from every quality gate all the way to production. JFrog pipelines also provide a friendly UI for users to manage the dependencies and to manage the source of proof of all binary. We don't see JFrog pipeline as a catalyst for the adoption of our platform or a major catalyst for AR. Actually, what we see is that using JFrog pipeline makes our users more faster and secured as they secure the pipeline by using it.
spk11: Okay. So it's having a strong impact in terms of the value proposition, but it's not necessarily impacting ARR or the adoption of the Enterprise Plus package, correct? Correct.
spk04: Okay. Okay. Thank you.
spk15: Okay, thank you. Looks like our next call is from Mike Sikos with Niedermann Company.
spk16: Mike, go ahead. Great. Thank you. Thank you for getting me on the call here. And I apologize if I missed this in the prepared remarks or the Q&A. I know I'm juggling a couple different earnings calls, like I imagine my peers are as well. But I think the first question, if I could, for Shlomi, we were kind of struck last quarter when the company was saying that the optimization headwinds were We're largely behind the company. And I apologize if I missed this, but can you provide us an update? Does that still stand here where we are today? Is it fair to think that those optimization headwinds for J-PROG are now firmly in the rearview mirror? And then I just had one follow-up.
spk07: Yes, Mike. We did talk about the user strengths, and we continue to see continuous growth of usage. So we do believe that this wave of optimization is behind us. We continue to see the adoption of our platform by larger customers on marketplaces. However, having said that, we also see slower pace of migrations comparing to prior year. So definitely macro headwinds in terms of impact on pace of migration is still there. But cloud usage continues to grow. And that's a trend that we've been experiencing for a couple of quarters now.
spk16: Got it. Got it. Okay. Thank you for calling that out. And I think maybe one other item, I think earlier this year as well, I know the company was trying to adjust its free tier. And I think that you guys had decided to limit the number of users that fell under that free tier. And maybe by creating that limited capacity, there was a thought that that could benefit the model in some capacity from a monetization standpoint. Can you remind us what the initial findings on conversion or benefit to revenue, if any, have come through the model at this point?
spk06: Yes, Mike. When we decided to kind of building the top of the funnel without free-tier earlier in 2022, The main reason was all the additions that we provided with security and the IoT capabilities that you cannot just have on a three-tier basic DevOps solution. It didn't serve not the product strategy and not the go-to-market strategy, which became top-down strategic enterprise sales. The conversion that we've seen from the three-tier where customers, usually small groups of developers, They've converted throughout the factory and the power subscription, and we decided that it doesn't serve the top of the funnel. I'm happy to report that you can see that what we have built now with our enterprise sales and the strategic sales, one of the results being demonstrated this quarter is the amount of customers that are going over $100,000 and over $1 million.
spk04: This is not coming from free sales, as you probably understand.
spk13: okay thank you so much our next caller is nick altman with doja bank nick go ahead hi this is john gomez on for nick uh thanks for taking the questions um can you talk about how september and october trended from a macro perspective relative to expectations um and whether you know you have seen any meaningful change in overall like buying propensity from customers
spk07: No, we did not see any changes, and the trends in October continue to be comparable with Q3.
spk15: Okay. Thank you. Next caller is from Ethan Weeks with Piper Sandler. Ethan, go ahead.
spk02: Great. Thanks for taking my question. This is Ethan on for Rob. It seems like there's still a large amount of organizations out there using either free or open source binary repository management solutions. And as we think about the amount of innovation and product leases you've had on the security side, do you think this could provide a catalyst maybe for a lot of these organizations to start considering a commercial solution? Or if not, maybe what that catalyst may be in the future as we think about new customer growth and converting some of these onto your platform? Thank you.
spk06: Yes, I'll take this one. We built the JFrog to action from the bottom up, from the developers up, and obviously starting with open source, build the consensus around the artifactory as a single source of record for the organization. What we know now, years after, is that it takes more than just one open source solution. When you want to build a comprehensive software supply chain solution, especially on an enterprise infrastructure level. You have to adopt some security tools to it. You have to adopt universality, high availability, multi-site topology, and very often you want to move everything to the cloud, which obviously has nothing to do with open source or not. It's about having it as a service. So for sure, yes, it's a top of finance. A lot of potential customers are looking at the open source before they are trying our tools and the free trial. But the open source is still there serving us among developers. The enterprise where JFrog shines, it's a very temporary solution and usually being replaced very fast.
spk15: Okay, thank you. And our final question comes from Michael Turretts with KeyBank Capital Markets. Michael, go ahead.
spk12: Hey, this is Billy on for Michael. Just wanted to ask, with curation crossing between kind of both developers and security, have you seen that acting at all as a gateway to broader conversations with the CISO? Should we think about curation as the next logical customer expansion from the core product before adopting advanced security? Thanks.
spk06: Thank you. This is a wonderful question. Curation is very, very unique because curation lands on the common ground of the CIO and the CISO. What I mean by that is that companies realize that they can become far more efficient with adopting open source packages by scanning it before it's even getting into the organization. And therefore, curation is very appealing to And growing very fast, the pipeline, we are very pleased with what we see, that people immediately understand it. It doesn't matter if you're coming from the security side or the DevOps side. You immediately understand the value of preventing malicious packages to get into your organization, to your software supply chain. So we absolutely think that this will accelerate the adoption of our security solution. This is also why on the go-to-market, it's separated from JPEG Advanced Security. still based on the same business model. In the future, we will add more capabilities that will provide a full comprehensive DevSecOps solution. But already now, we see that nobody is just building from scratch and everybody brings open source packages. And therefore, you want to secure them and to curate them, to bless them before they are getting into your sort of supply chain. Once they are in, then J4 Advanced Security takes an exit. take position and secure your pipeline? So my answer is absolutely yes, and I'm looking forward to see how this is changing the landscape of how open source software packages are being used.
spk15: Thank you. And there are no further questions at this time, so I will turn the call back to Shlomi for closing remarks.
spk06: Well, thank you, everyone. Thank you for taking the time to join us today. We pray for more peaceful, quiet days here in Israel, and may the frog be with you. Thank you very much.
spk15: And this concludes today's call. Thank you for attending, and you may now disconnect.
Disclaimer

This conference call transcript was computer generated and almost certianly contains errors. This transcript is provided for information purposes only.EarningsCall, LLC makes no representation about the accuracy of the aforementioned transcript, and you are cautioned not to place undue reliance on the information provided by the transcript.

-

-