This conference call transcript was computer generated and almost certianly contains errors. This transcript is provided for information purposes only.EarningsCall, LLC makes no representation about the accuracy of the aforementioned transcript, and you are cautioned not to place undue reliance on the information provided by the transcript.
spk02: Ladies and gentlemen, thank you for joining us and welcome to JFrog's first quarter 2024 financial results conference call. I'll now hand the conference over to Jeffrey Schreiner, VP Investor and Relations.
spk04: Jeffrey, please go ahead.
spk01: Good afternoon and thank you for joining us as we review JFrog's first quarter 2024 financial results. which were announced following market close today via press release. Leading the call today will be JFrog CEO and co-founder Shlomi Ben-Haim and Ed Grabscheidt, JFrog CFO. During this call, we may make statements related to our business that are forward-looking under federal securities laws and are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements related to our future financial performance and including our outlook for Q2 and the full year of 2024. The words anticipate, believe, continue, estimate, expect, intend, will, and similar expressions are intended to identify forward-looking statements or similar indications of future expectations. You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today and not as of any subsequent date. Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from expectations. For discussion of material risks and other important factors that could affect our actual results, please refer to our Form 10-K for the year ended December 31st, 2023, which is available on the investor relations section of our website, and the earnings press release issued earlier today. Additional information will be made available in our form 10-Q for the quarter ended March 31st, 2024, and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as measures of JFROG's performance, should be considered in addition to, not as a substitute for, or in isolation from, GAAP measures. Please refer to the tables in our earnings release for reconciliation of those measures to their most directly comparable GAAP financial measures. A replay of this call will be available on the JFROG Investor Relations website for a limited time. With that, I'd like to turn the call over to JFrog CEO, Shlomi Benhar. Shlomi?
spk00: Thank you, Jeff. Good afternoon to you all, and thank you for joining our call. I'm pleased to report another strong quarter for JFrog, with all metrics exceeding the high end of our guidance range. Unification of DevOps, DevSecOps, MLOps, and MLSecOps in a single platform continues to resonate in the market, resulting in continuous expansion across the portfolio. In the first quarter of 2024, JPOC delivered total revenue of $100.3 million, up 26% year-over-year. Our cloud revenue continued to show positive momentum in Q1, equaling $36.9 million, a growth of 47% year-over-year. Cloud growth above our guidance range of mid-40s was supported by increases in customer consumption. In Q1, J4 customers with ARR greater than $100,000 grew to 911, compared to 785 in the prior year, increasing 16% year-over-year. Customers with ARR greater than $1 million increased by three in the quarter, now equaling a total of 40. This is up from 21 in the year-ago period growing 90% year-over-year, reflecting the continued success of our sales team's top-down efforts and adoption of the complete software supply chain platform by the enterprise. Our customers continue to tell us that having a single system of records that allows the seamless secure flow of binaries for DevOps and security is mission critical to their business. In addition, we see the practices of DevOps being implemented by organizations that wish to enable the next generation of applications already incorporating GenAI and machine learning. In the past year, we extended the JFOG Software Supply Chain platform to include MLOps and MLSecOps solutions as mandatory requirements to support our users alongside DevOps and DevSecOps comprehensive solutions. This unified approach led to some of the things behind our first quarter successes that will be discussed today. On our call today, we will cover the continued adoption of the J4C platform, including embedded holistic security solutions. Next, I will look at the cloud usage and migration trends. We will also share updates about our partners and channel go-to-market activity and game-changing technology integrations. Finally, I will share how JFog's AI and ML solutions support the emerging needs of our customers. Let me address the adoption of the JFog platform by the world's largest companies. As the unified software supply chain platform with Artifactory at its core, The JFrog platform continues to be chosen as mission-critical partner by some of the world's most demanding and highly regulated enterprises who are increasingly looking to standardize on holistic solutions. One of the most recognizable financial services companies in the world, Fidelity, recently expanded their relationship with JFrog to drive DevOps scale alongside security while increasing SLA capabilities for their thousands of developers. Supporting over 42 million customers with a stated goal of over 90% of their applications in the cloud by 2026, Fidelity needed a partner with robust hybrid and multi-cloud capabilities to support the cloud-first and enterprise-scale DevSecOps vision. Gerard McMahon, head of ALM Tools and Platforms at Fidelity, noted in a webcast with JFOB, The whole development processes has become much more symbiotic. You have to shift left, shift middle, and shift right. As we continue to use tools like JFOG X-Ray and JFOG Artifactory, security is much more ingrained into the full lifecycle of software delivery. Fidelity is not alone. We see companies increasingly integrating DevOps and security strategies through tool consolidation, scalability planning, and embracing cloud, hybrid, and multi-cloud environments. DevOps stakeholders have already taken ownership of software supplies and security in most companies, but enterprises failing to streamline security tools by minimizing point solutions will face higher expenses wasted time, inability to automate security practices, also known as DevSecOps, and possibly place the entire organization at risk. One of the strongest differentiators is the company security research team that fuels tools with unique data, often before anyone else in the market, delivering crucial value into DevSecOps processes. Reflecting this reality, the JFOG Security Research Team recently released a Software Supply Chain State of the Union Report. The report revealed that many companies still have major security gaps with only about half of companies actively scanning and securing both code and binaries. It also revealed that despite sometimes using 10 or more security point solutions, companies are unable to detect that nearly 75% supposedly critical vulnerabilities are not even exploitable. Industry analyst Paul Nashawaty from Future Room Group noted regarding the report and its consequences. KFROG's analysis reveals an important finding. A sizable percentage of vulnerabilities that have been reported are not exploitable. This emphasizes how crucial it is for engineers to distinguish between theoretical vulnerabilities and those that pose real concerns. Our security research team's reports are closely tracked by the market, as they often uncover groundbreaking insights. This finding serves as a cornerstone for enhancing our tool capabilities, ensuring JFOG X-ray, JFOG Advanced Security, and JFOG Curation deliver our users unmatched DevSecOps protection. I would now like to address our cloud business. Exiting the first quarter of 2024, we continue to see organizations looking for optimization for the cloud spend in tight budgetary environments. We are actively building the pipeline for cloud migration and anticipate enterprise efforts will accelerate throughout the year, similar to how they approached 2023. We are also seeing cloud customers looking to standardize on best-of-breed platforms to effectively manage their software delivery. For example, JFrog customer Informatica recently signed a new deal to grow the JFrog platform as the system of records for the software supply chain. Attracted to JFrog's universality, breadth of solution, and cloud-first development approach, Informatica supercharged their platform experience. The DevSecOps team noted Informatica empowers their customers to realize the transformative capabilities of their data, utilizing companies' AI-powered data management platform. By partnering with JFrog and leveraging their solutions for our DevSecOps needs, we're able to take advantage of best practices across our software supply chain to improve efficiency. We expect JFOX cloud growth in 2024, much like the previous year, to continue to be driven by usage expansion. We anticipate that cloud migration projects will gradually emerge, carefully managed within budget constraints. Our guidance aligns with evolving market trends, and we remain committed to collaborating with our customers and partners to facilitate the adoption of our software supply chain platform. Now, I want to address our partner and reseller network as part of our strategic channel goal. JFrog is constantly expanding our partner network across resellers, integrators, and technology partners. As an investment in this area, we recently formalized a partnership with the leading governmental distributor, Kerasoft, to serve as a JFrog public sector reseller. Natalie Gregory, Vice President of Open Source Solutions at Kerasoft said, Supply chain attacks in recent years have highlighted the importance of integrating security into each phase of software development. A single source of proof for companies' binaries in a solution like JFrog Artifactory, along with integrated security as part of a holistic platform, allows JFrog to provide agencies with unparalleled DevSecOps agility and peace of mind for their software supply chain. We anticipate further growth in JFrog's indirect and reseller sales for the enterprise as we continue to expand our partner programs across sectors and geographies. Finally, allow me to discuss the expansion of our platform to support MLOps and GenAI initiatives. In today's hype, every DevOps tool is talking about how their solutions support or utilize AI-based practices. But beyond the buzzwords, there is a critical question. Can the solution deliver on its promises? Can the infrastructure you use effectively guide ML-powered software securely from development to production? ML models are like all other binaries that require management, security, and governance. J-Frog, with this model as a package approach, once again, offers a top-tier solution to the industry, enabling freedom of choice for ML engineers and responsible AI adoption by the organization. With our commitment to universality, we have always focused on making the JVOC platform too integrated to fail. With Altifactory as the model registry of choice, we recently introduced the industry's first DevOps platform to seamlessly integrate with MLflow and Quark platforms as we anticipate MLOps market needs. Driven by the organic growth of our platform and customer demand, we continue to actively integrate AI and machine learning into software supply chain practices. MLflow, a Databricks open source project which has over 14 million monthly downloads, gives users The ability to build, manage, and deliver ML models in a streamlined workflow. Ali Gotsi, CEO of Databricks, the data intelligence platform designed to help organizations harness the power of big data and artificial intelligence sets. Originally developed by Databricks, MLflow streamlines the machine learning processes with a platform for experiment tracking, model packaging, and model deployment. Through a JFOG platform integration, users can now seamlessly utilize JFOG Artifactory as a model registry with JFOG X-Ray to secure the ML model artifacts. This integration accelerates both the development and deployment phases of ML-powered applications, helping companies to drive responsible AI practices. As noted, we also announced the JFrog and Quark integration. Quark is an MLOps platform designed to facilitate the construction, deployment, management, and monitoring of AI workflows, allowing users to deliver AI applications at speed and scale. This integration further expands the JFOG platform, catering to ML engineers by providing them with a single source of truth for their models. Alon Lev, CEO of Quark, noted, integrating with a proven artifact repository like JFOG Artifactory allows Quark to provide the automation capabilities that makes data scientists and ML engineers more efficient while allowing DevOps and DevSecOps teams to manage ML models like any other software package in a holistic, secure software supply chain. As J4 continues to bring together DevOps, DevSecOps, MLOps, and MLSecOps into a single enterprise-grade platform, we look forward to supporting the emerging needs of our users and aim to further expand the platform to enable ongoing consolidation needs across the software supply chain. We are excited about the growth opportunity the world of MLOps and MLSechOps introduced as part of the GenAI revolution, and we will keep expanding our platform toward the direction as its natural leap forward for us and for our customers. With that, I will turn the call over to our CFO, Ed Grabscheid, who will provide in-depth recap of Q1 financial results and update you on our outlook for both Q2 and full fiscal year of 2024. Ed.
spk15: Thank you, Shlomi, and good afternoon, everyone. During the first quarter of 2024, total revenues were $100.3 million, up 26% year over year. First quarter results exceeded the high end of our guidance range across all measures as a result of ongoing strength in our cloud revenues and growth in our Enterprise Plus subscriptions. We continue to see customers looking to consolidate their software supply chain tools towards a best-of-breed platform solution. Our results demonstrate strong execution during the first quarter. As noted by Shlomi, in the first quarter of 2024, we saw customers allocating efforts towards efficiency in their software development spend versus a focus on accelerating new projects. Cloud revenues in the quarter equaled $36.9 million, up 47% year over year, representing 37% of total revenues versus 31% in the prior year. The growth in the cloud revenues above our guidance in the mid-40s for 2024 was driven by customer usage levels above commitments. We reiterate fiscal 2024 baseline cloud growth around the mid-40s for the full year. Self-managed revenues, or on-prem, were $63.4 million, up 16% year-over-year during the first quarter. We anticipate self-hosted revenue growth trends in 2024 will be similar to 2023. Net dollar retention for the four trailing quarters was 118%, in line with our guidance for high teens during 2024. Our gross retention rate remained at 97%. Our first quarter results saw strong customer adoption of the complete JFrog platform, driven by customers consolidating point solutions and securing their full software supply chain. In Q1, 49% of total revenue came from Enterprise Plus subscriptions, up from 44% in the prior year. Revenue contribution from Enterprise Plus subscriptions grew 39% year over year. Now I'll review the income statement in more detail. Gross profit in the quarter was $85.3 million, representing a gross margin of 85.1% compared to 82.9% in the year-ago period. The increase in gross margin relative to the year-ago period is attributable to the elimination of outsource costs derived from the synergies related to the acquisition of VDU and ongoing cost discipline efforts. We reiterate expectation for annual targets remaining between 83 to 84% in the near future, then trend towards the low 80s aligned with our long-term model and cloud growth. Operating expenses for the first quarter were $71.3 million, up $5.2 million sequentially, equaling 71% of revenues, up from $63.5 million, or 80% of revenues, in the year-ago period. We continue to remain focused on expense discipline while investing in scaling our enterprise sales team, channel partner ecosystem, and strategic R&D spending. Our operating profit in Q1 was $14.1 million, or 14% operating margin, compared to an operating profit of $2.7 million, or 3.4% operating margin in the year-ago period, an improvement of 10.6 percentage points. Earnings per share equaled 16 cents based on approximately 114.6 million weighted average diluted shares compared to 6 cents per share in the prior year on 106.9 million weighted average diluted shares. Turning to the balance sheet and cash flow, we ended the first quarter of 2024 with $579.6 million in cash and short-term investments. up from $545 million as of December 31, 2023. Cash flow from operations was $17.5 million in the quarter. After taking into consideration our CapEx requirements, free cash flow was $16.6 million, or 16.6% free cash flow margin. We remain committed to our free cash flow margin targets provided within our long-term model, implying an estimated midpoint of 28% over the coming years. As of March 31, 2024, our remaining performance obligation totaled $261.7 million. Now I would like to speak about our guidance for the second quarter and full year 2024. Our outlook for 2024 implies continued momentum within our cloud business driven by expectations for increasing customer usage, adoption of our Enterprise Plus platform, and contribution from new security products. We anticipate seasonality in 2024 to be consistent with 2023 as customer activity likely accelerates through the year, weighted more towards the second half as budgets and resources are allocated to key initiatives after focus on expense rationalization by customers during the first quarter. Given the expectation of our self-hosted and cloud businesses, we reiterate our guidance suggesting a net dollar retention rate in the high teens exiting the fiscal year 2024, implying stability through the remainder of the year. We will continue to expand operating expenses on a dollar basis during 2024, but see room for operating leverage as ongoing cost discipline and strategic investment remain balanced. For Q2, we expect revenue to be between $103 million and $104 million, equaling 23% year-over-year growth at the midpoint. with non-GAAP operating profit between $13 million and $14 million, and non-GAAP earnings per diluted share of 13 cents to 15 cents, assuming a share count of approximately 116 million shares. For the full year of 2024, we raised our revenue range between $425.5 million and $429.5 million. Non-GAAP operating income is expected to be between $56 million and $58 million, and non-GAAP earnings per diluted share of 59 cents to 61 cents, assuming a share count of approximately 116 million shares. Now, I'll turn the call back to Shlomi for some closer remarks before we take your questions.
spk00: Thank you, Ed. Israel will observe its 76th Independence Day. This year, Israel can truly celebrate, but only mark the day. The 132 civilian hostages still held by Hamas in Gaza since October 7 reminds us that until they are safely reunited with their families, an important milestone like Independence Day cannot be celebrated in full. Despite the ongoing challenges of the war in Israel and global macroeconomic uncertainties, the JFROC team remains dedicated to our goals and culture. Team JFROC, your unwavering commitment and consistent delivery are truly admirable. I'm saluting your resilient spirit and thank you for your hard work. was a solid start for the year. We continue to believe that JFrog, as a system of records for the entire software supply chain, is uniquely positioned for success in the expanding world of DevOps and security, as well as seeing potential growth in the emerging market of Gen AI. We also recently announced our annual user conference, SwampUP, to be held in September in Austin, Texas. This year's keynotes will change the DevOps, DevSecOps, and MLOps landscape as we again prepare together with our partners and community to set the industry standards moving forward. With that, thanks for attending our call and may the frog be with you.
spk04: Operator, we are now open to take questions. Thank you.
spk02: We will now begin the question and answer session. If you've dialed in and would like to Ask a question. Please press star 1 on your telephone keypad to raise your hand and join the queue. If you'd like to withdraw your question, simply press star 1 again. If you're called upon to ask a question or listening via loudspeaker on your device, please pick up your handset and ensure that your phone is not on mute when asking your question. We ask that you please limit yourself to one question and one follow-up. Again, press star 1 to join the queue. Your first question comes from the line of Sanjit Singh with Morgan Stanley. Please go ahead.
spk06: Yeah, thank you for taking the question. Shlomi, I just wanted to get your latest read on the spending environment and the macro environment. This time last year, the market, including JFrog customers, were still in sort of cost optimization mode, watching their cloud spend. At the same time, they were also hesitant to investing data center. And so as 2024 has started, what trends sort of remain similar to back then? And to what extent are you seeing any sort of improvement in terms of your customers willing to invest?
spk00: Yes, Sanjit, thank you for the question. So what we see actually in the cloud environment is that our cloud keeps growing faster than the on-prem. mainly because of user consumption and cloud migration projects being included in our pipeline as we see the market coming back very slowly towards that direction. On the self-hosted, we see a bit of a growth on the adoption and the expansion, but it remains the same as it was in 2023. Overall, cloud and on-prem remind us a lot, as we reported, 2023. Q1 started with 47% deal growth in the cloud, and more and more cloud customers are looking forward to multi-year subscription when they speak about migration and betting more on migration from South Africa.
spk06: Understood. And just to follow up maybe for Ed on the cloud business, Ed, if I back out the true up from last quarter, I think which was around one and a half million, when I look at the sequential growth in cloud, it was lower than it has been in prior Q1s for the past couple of years. Any reason for the lower sequential growth this quarter once I do that normalization?
spk04: This is Ed, and thank you for the question.
spk15: What we saw in Q4 was a quarter of significant consumption. We see Q1 as more of a digestion quarter. Now, when you look at it on a year-over-year basis, we grew 47%. On a dollar basis, we grew much more in Q1 than we did in the prior quarter. So what we're seeing is that customers expanded in terms of usage in Q4. In Q1, they took that opportunity to digest a little bit more and think about projects and software development projects more towards later quarters.
spk03: I appreciate that, Phil, and thank you very much.
spk02: Our next question comes from the line of Pidjalam Bora with JP Morgan. Please go ahead.
spk05: Great. Hey, thanks for taking the questions. Shomi, I'll ask you on MLOps. MLflow is interesting, but maybe talk about how the conversations with customers are trending at this point. Are you seeing customers considering JFrog as JFrog Artifactory as a proxy for kind of Hugging Face or any kind of model repositories? And since a lot of the MLOps works kind of, we use a lot of open source library, is it kind of even underscoring the security aspect of the JFrog platform that you have? So anything around MLOps, what are you hearing from customers that help?
spk00: Yes, Benjamin, hi. MNOPS obviously is the natural expansion or what we call the natural leap forward for JFrog as we treat all models as a package, just another binary. What we hear from our customers, what we hear from the market, by the way, what we hear from the community as well is that they are looking to have a single source of records for models just as they have for the other packages. Artifactory obviously serves that. X-ray serves as the scanner for models and malicious models. And this is what we announced back in Q4 of the previous year. Now, with the universality philosophy in mind, we are providing all data scientists and ML engineers with freedom of choice. Choose whatever platform works for you, whether it's MLflow, which is super popular, as we mentioned, with millions of downloads a month, or other like Quark and other coming from AWS SageMaker. So the universality around the factory will make the factory the registry of choice for models as well as is today for all the other binaries.
spk05: Yep, understood. One question for you, Ed. On the cloud business, correct me if I heard this wrong, but it seems like you're seeing incremental efficiency efforts by customers, optimization efforts by customers in Q1. Just wanted to make sure I heard that correctly. And maybe how are those customers kind of optimizing at this point? Because that's something different than what others are saying, that optimization is already done mostly. And maybe help us understand the consumption trend going into April or so far in May.
spk15: Thank you for the question, Pendulum. What we're seeing first off is that, again, this being a quarter of digestion after a very strong Q4, we guided to the mid-40s, and we exceeded our guidance in terms of 47% on a year-over-year basis. What we're seeing in terms of the trends is that The customer today, the behavior is more towards and aligned with what we're seeing in 2023, that purchasing decisions as well as large projects will most likely come towards the second half of 2024. But we are reiterating our guidance around mid-40s for the full year.
spk04: Understood. Thank you very much. Our next question comes from the line of Koji Ikeda.
spk02: With Bank of America, please go ahead.
spk12: Yeah, hey, guys. Thanks so much for taking the questions. I wanted to ask a question or maybe another question here on the SAF side. You know, I know there is a lot of focus on this revenue line item here. And so as we think about – I wanted to ask you a question on the visibility in SAF. You know, when I look at the net new revenue in SAS after normalizing for that one time, it looks about the same as the fourth quarter. And so really trying to understand what your visibility looks like with your SAS customers, say for the rest of your business.
spk15: Yeah, so what we see and what we've commented before is that we guide towards mid-40s. It's on the commit. Anything above mid-40s would be usage, and we don't necessarily guide on usage. So if we see a percentage growth that is above the mid-40s, that is because additional consumption. What we see today and what we have visibility to is in the commitments, and we continue to reiterate at mid-40s for our cloud business.
spk12: Got it. That makes sense. Just a follow-up here, if I may. JFrog, we definitely view you guys as an enterprise DevSecOps tool. I think there's no denying that. But you do have SMB and smaller bid markets as customers. And so I wanted to ask the question on how demand and resiliency is shaken out in the lower end of your customer base.
spk00: Thanks, Gargi. Specifically on security, it's a known thing for all sizes of companies. Doctor supply chain security is being changed, not only consolidated, but being changed because of the threat that's coming from the runtime environment in which you have binary stressors only. So the JFrog Advanced Security, the JFrog Curation, and X-Ray are covering these needs for the SMB as well. Now, all types of customers, all profiles of customers, and I'm not speaking about really small developer shops, But the S&P for sure are looking for solutions that provide a comprehensive coverage over the software supply chain, and this is what the JFOC security solution is attracted by.
spk04: Thanks, guys. Thanks for taking the questions.
spk02: Our next question comes from the line of Mike Sikos with Needham. Please go ahead.
spk10: Hey guys, thanks for taking the questions here and I'll jump on the bandwagon here since we're all asking about SaaS and cloud. Just to punctuate that point that we were speaking about with Koji, but I want to make sure one of the things we're getting from clients here is if you deliver the 47% growth in Q1, we're reiterating the mid 40s for the full year. And I think what I'm getting from folks is the idea that, hey, it's a skinny, It's a skinny upside to mid-40s, i.e., like, it doesn't leave you a lot of wiggle room. And, Ed, if I could just go back to your earlier comment, it sounds like the mid-40s that you've guided to for the year is based on commitment, right? So in the context of that visibility, that mid-40s is, quote, unquote, in hand, if you will. And then the consumption is really the go-get-to-drive upside to that. Is that a fair characterization? Yeah.
spk15: Yeah, thanks for the question, Mike. So, first of all, our guidance suggests that our pipeline would support the mid-40s, and that is based on consumption. Secondly, based on the, I'm sorry, commitments. Secondly, usage would be a driver of anything above that mid-40s growth. Any acceleration beyond that would be migrations, although we don't anticipate anything from a migrations perspective to pick up from what we saw at the levels of 2023.
spk00: And if I may, sorry, just one more sentence about that. Well, listen, we started 2023 with the same volatility and the same hesitation in the market. People on the first quarter are far more cautious about their budgets, their planning. They are not yet executing. Big migration projects are not even being discussed at this point. They want to stabilize their expenses and then to start the year. And exactly as it happened in 2023, and as we predicted and finished the year with a big hype on the cloud goal, this is what we will see here this year. The market is still not out of the woods, and customers are looking at cloud expansion and cloud spending with a magnifier. Q1 is very much aligned. We even exceeded our guidance. It's very much aligned with our target. But also, if you look at the dollar base, it's a big success among our portfolio.
spk10: Understood. Understood. Thank you. Thank you for that. And then just a follow-up here. I think Transparently, a little bit of the head scratching outside of your purview is just on the comment around the digestion in response to Sanjit's earlier question. So I'd just like to get a sense that digestion, was that anticipated? And then the follow-up is, has that been more front-end loaded? Was it back-end loaded? It took you one. Has there been any change in behavior in the interim? Again, to give you some sort of a confidence that those projects that people are looking at are going to start coming online in the second half of this year.
spk15: Yeah, this was not a head-scratcher for us. This was something to be expected. The customer behavior and what we see in terms of seasonality, there's typically seasonably weaker in Q1 as budget decisions are being made, new software development projects are being determined, and that typically will scale through and grow throughout the course of the year, and this is the trend that we're seeing.
spk10: Got it. Okay. Okay, thank you for calling that out. I really do appreciate it. I'll turn it over to my colleagues.
spk02: Our next question comes from the line at Jason Ader with William Blair. Please go ahead.
spk08: Yeah, thank you. Good afternoon, guys. I wanted to ask about security. Shlomi, maybe talk about pipeline build for security and what you guys are seeing out there on the ground and with the sales reps, and then what are the biggest challenges you're seeing in terms of really just getting this thing out there and getting people onto the JFrog platform?
spk00: Yeah, Jason, these are two great questions. First, about the pipeline, we are thrilled to see the pipeline growing with our enterprise portfolio And we are very happy to see that they are not only considering JFOG advanced security versus curation, or curation versus JFOG advanced security, but both. And to remind you, this is also coming with a different model on top of our subscription that comes basic. So we see the pipeline, we see it growing. These are very promising enterprises that are looking at full adoption of software security, software supply chain security. on the other side on the flip side of it none of them is coming from from the dock they all have security solution they are all running a proof of concept they are all looking uh to displace or to consolidate and uh pipeline uh buildings on the landscape of security is taking longer so on one hand very very excited about the pipeline and the type of customers that are approaching us and running a proof of concept, a solid one, very organized one, consolidating five or more different tools. On the other hand, the life cycle of a proof of concept for security is longer than the DevOps one.
spk08: Gotcha. Okay. So how is that aligned, Shomi, with your expectations, I guess, six months ago? I mean, is this sort of what you expected? or is it a little bit slower than you expected and, you know, you still are as optimistic as ever in terms of the value proposition, but it's just going to take a little bit more time.
spk00: We are staying in confidence with our targets and what we guide you guys that this year security will become a material piece of our performance in our work.
spk04: Very good. Good luck, guys. Thank you.
spk02: Our next question comes from the line of Miller Jump with Truist Securities. Please go ahead.
spk13: Great. Thank you for taking the questions. I guess maybe I'll ask one on the self-managed side of the business. You actually had a modest reacceleration there this quarter. Just curious if there was anything one time in nature or anything that made you indicate this might actually exceed your expectations for that part of the business this year?
spk15: Hey, Miller. This is Ed. No one-time, nothing one-time-based, slight acceleration in our self-hosted business. We would expect that the trend in self-hosted will be very similar in 2024 to what we saw in 2023. Okay, thanks.
spk13: And then maybe just one more. You know, obviously, this is a lumpy metric, but it also looks like 100K customers were the slowest on net ads that they've been in some time. You know, is there anything to indicate that that digestion period that you talked about is indicating large customers more than the overall?
spk15: Well, what we saw in Q4, and a lot of this you're right, is lumpiness and seasonality. We had significant traction in our large customers really in the second half of 2023. So this quarter that we're seeing somewhat digestion as customers are looking at their budgets and considering expansion opportunities we saw in Q1, although there was nice growth, it wasn't at the same pace that we saw in previous quarters, we would expect that that would start to trend more normalized in future quarters. And it will be similar to what we saw in 2023. Understood. Thank you.
spk02: Our next question comes from the line of Jason Salino with KeyBank Capital Markets. Please go ahead.
spk11: Hey, great. Glad to be on. We actually saw some big news this week that a major player in AppSec would be spun out as a private standalone. Have you seen any changes in the competitive dynamics in security over the last, call it six months, and then More importantly, do you see any incremental, you know, share gain opportunities on the horizon, just on the competitive landscape? Thanks.
spk00: Yes, that's a very good question. First of all, well, the last quarter was full of events that changed everything. And on one hand, we see the need for consolidation around best of bridge platform. And therefore, customers are mentioning the platform that they can consolidate around. especially around security and DevOps together. On the other hand, there were a lot of changes. HashiCorp got acquired, Synopsys sold their entire stack, and Atlassian has some changes. So obviously there are a lot of changes, tectonic plates are moving, but one thing is saying the same. Customers are looking to consolidate and to have a comprehensive security solution. And then on that end, The security landscape and the competitive landscape didn't change from that point.
spk11: Okay. And maybe just a quick one for Ed. You know, the digestion that we're all kind of discussing today, you know, did you start seeing it very beginning in the quarter, or was it toward the end, or just pretty consistent throughout? Thanks.
spk04: It was consistent throughout the quarter. Okay. Great. Awesome.
spk02: Our next question comes from Alana Kingsley Crane with Canaccord. Please go ahead.
spk14: Hi. Thanks for taking the question. In the spirit of RSA, I want to talk about security. In Mandiant's threat report, 31 vendors were impacted by zero-day threats in the past year. That's up from three in 2018. Not mentioning, you know, thousands of end customers impacted by those breaches. You cited some of JFrog's security research in your prepared remarks. Can you talk about the value of having that security research team in addition to your security capabilities, including things like JFrog creation?
spk00: Yeah, well, thank you for noting that. JFrog's security research team is one of the largest in the industry, not only by the size of the team and how they were trained, but also by the amount of reports and finding that we are sharing with the customers and with the community. Recently, we released the State of the Union for software supply and security finding and then just after the Docker Hub scanning and malicious packages on Docker Hub together with Docker. This is an amazing differentiator because our customers can know before the rest of the market from threats that might become, and it's included in the database of our security solutions. So, obviously, it's a great service for the community, but it's also boosting our tools to be able to detect some threats before other tools can catch them.
spk14: Thank you. That's really helpful. And then for Ed, really strong gross margins at 85%. Can you talk about the efficiencies you're finding there even as cloud generally increases as a percent of your overall revenue?
spk15: Yeah, very strong gross margins, as you pointed out, 85.1%. One of the reasons that we had such strong gross margins in Q1 is that we removed, eliminated a third-party outsourced database as we now standardized on the VDU database that we acquired two, three years ago. So, we saw some efficiency gain there. However, what we see in our model is that we'll continue to spend and invest in those databases and other associated with our gross margins. So our model indicates that we'll still, and as it's in our guidance, between 83 to 84 percent gross margins during 2024.
spk04: Thank you, Opal.
spk02: Our next question comes from the line of Yi Fu Li with Cantor Fitzgerald.
spk07: Thank you for taking my question. The question could be for Salome or Ed. In terms of, I want to focus on the consolidation opportunity. Maybe if Shalini or Ed, you could comment on the upsell to other products. I know in the prepared remarks, you talked about the security as an example. How about other products like CRCD, distributed IoT device management? Any updates on that front as well?
spk00: Obviously, the consolidation of tools on one platform comes with all the capabilities of the factory, the center, and the single source of records and the registry of all packages. On top of it, the security solution, but also what you mentioned, distribution, automation, the database that Ed just mentioned. These are all coming in one platform, one package. And the expansion potential is around all of them. It's differently packaged in the self-hosted offering versus the cloud. In the cloud, we are looking to see more consumption based on more usage and more adoption. And in the self-hosted, it's expansion by season, by number of servers. by location, by projects, by sizes of teams, and so on. So that's the expansion motion that we see now with additional products on the platform.
spk07: Got it. That's extremely helpful. And then my last follow-up is on the MLOps opportunity. It's great that you're giving customers, obviously, the freedom of choice. They don't have to unlock. They don't have to lock themselves up in anything like they could use Hugging Face or SpaceMaker or whomever. I was wondering how mature is the MLOps opportunity and when do you think it's going to be more significant to, I guess, the contribution to J-PROG?
spk00: MLOps is not mature. AI is not mature. But the practices are being built now. And the nice thing about what we see is that the ML engineers, the Python engineers, the data scientists, are actually using the best practices of DevOps and DevSecOps to practice MLOps and MLSecOps. So it's not mature. This might be a tailwind, but it's not going to change our 2024 guidance. And we are going to invest more and expand more, getting JPEG platform prepared to this big opportunity that is coming in the next year.
spk03: Thanks for that.
spk02: Our next question comes from the line of Brad Reback with Stiefel. Please go ahead.
spk09: Great. Thanks very much. Ed, on the digestion commentary, I understand the mid-40% cloud growth for the year, but it sure feels like you're trying to point us towards less cloud. pronounced seasonality in the June quarter than we've seen the last couple of years. So maybe we're towards the lower end of that mid-40s in 2Q. Thanks.
spk15: Yeah. Hi, Brad. You know, the way that we look at this is that it is a metric that has seasonality. What we're guiding to in the mid-40s is for the full year. That means it's around the mid-40s. It could be up a few points. It could be down a few points. What we know today and what we see is the commitments, and that's around mid-40s. Anything above that would be usage. Anything below that, that could be because of monthlies. But what we see is around mid-40s and seasonality will play a factor in that quarter to quarter.
spk09: Okay. Thanks very much.
spk02: Our next question comes from the line of Nick Altman with Scotiabank. Please go ahead.
spk13: Awesome. Thanks, guys. Just given the channel efforts and how you guys have bulked up the sales force over the last year, can you maybe just talk to some of the productivity from some of the newly onboarded partners, both last year and when you guys kind of held your first partner event, and then specifically on the direct go-to-market side, maybe just talk to overall sales productivity. Thanks.
spk00: I think the channel and partners, as we keep updating you, it's one arm of the transition to the top-down enterprise in the Excel that we are running. The collaboration with the partners and with the channels is by geography. And it's by expertise, so it's different partners that you would see on security versus different partners that you will see on DevOps. It's different partners that you would see in France versus different partners that you would see in Japan. And the one last thing is that now we added and announced the Kerasoft partnership to also go after the public sector or the highly regulated environment, which they are super familiar with. So, we are expanding more and more the relationship with our partners and with our channels to have more resellers in the field that can promote the JVOC platform offering.
spk04: Okay, thanks.
spk13: And then I wanted to follow up on the digestion comment. I think it was Kochi, you know, asking about, you know, whether it was more sort of geared towards the SMB side of the equation. But any other trends that you saw within the installed base around the digestion? Was it sort of broad-based? Was it geospecific, you know, sector-specific? Just any more granularity on that digestion comment that you made in Q1 and sort of any trends or patterns that you call out would be helpful. Thanks.
spk15: Yeah, there was nothing that we saw in terms of trends. It was a broad base across the portfolio, nothing that we can point out specifically.
spk04: There are no further questions at this time.
spk02: I turn the call back to Shlomi for closing remarks.
spk00: Thank you, everyone, for joining our call. We had a wonderful quarter. We're looking for more peaceful day in the region and may the frog be with you. Thank you very much.
spk02: This concludes today's call. Thank you for attending. You may now disconnect.
Disclaimer