JFrog Ltd.

I will now hand the conference over to Jeffrey Schreiner, head of investor relations. Jeffrey, please go ahead.

Thank you, Nicole. Good afternoon, and thank you for joining us as we review JFrog's second quarter 2025 financial results, which were announced following market close today via press release. Leading the call today will be JFrog's CEO and co-founder, Shlomi Benhaim, and Ed Grabscheid, JFrog's CFO. During this call, we may make statements related to our business that are forward-looking under federal security laws and made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements related to our future financial performance and including our outlook for Q3 and the full year of 2025. The words anticipate, believe, continue, estimate, expect, intend, will, and similar expressions are intended to identify forward-looking statements or similar indications of future expectations. You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today and not as of any subsequent date. Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from expectations. For a discussion of material risks and other important factors that could affect our results, please refer to our Form 10-K for the year ended December 31, 2024, which is available on the Investor Relations section of our website and the earnings press release issued earlier today. Additional information will be made available in our Form 10-Q for the quarter ended June 30, 2025, and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as measures of JFROG's performance, should be considered in addition to, not as a substitute for, or in isolation from, GAAP measures. Please refer to the tables in our earnings release for a reconciliation of those measures to their most directly comparable GAAP financial measures. A replay of this call will be available on the JFrog Investor Relations website for a limited time. With that, I'd like to turn the call over to JFrog CEO, Shlomi Benhaim. Shlomi?

Thank you, Jeff. Good afternoon and thank you all for joining the call. As the JFrog platform becomes the system of record for all software packages, I'm pleased to report another excellent quarter for the company. We continue to execute with discipline, aiming to meet the growing market demand for a unified platform that enables trusted, scalable software delivery. In Q2, JFrog's total revenue was $127.2 million up 23% year-over-year. Our operating margin was 15.2% in the quarter, demonstrating consistent execution while maintaining disciplined strategic investments. Cloud revenue for Q2 equaled $57.1 million, representing 45% year-over-year growth. we observe sustained cloud usage while maintaining a strategic focus on converting customers with steady usage above minimum commitment into annual contracts. Our enterprise focus, product, and go-to-market bore fruit again this quarter. I'm pleased to report that our greater than $1 million customers grew to 61 compared to 42 in the year-ago period, equalling 45% growth year-over-year. Customers spending more than $100,000 annually grew to 1,076 compared to 928 in the year-ago period, equalling 16% year-over-year growth. Our training for quarters net dollar retention increased sequentially, driven by continued adoption of our security product and solid growth across our customer base. Ed will discuss this in greater detail later in the call. Entering the second half of 2025, we are confident that our focus on DevOps, security, and MLOps aligns with modern software demands. This quarter's success was fueled by continued cloud growth, rising demand for our unified security solutions, and a clear value proposition in the rapidly evolving world of agentic AI and MLOps. Now, I will take a moment to spotlight what powered our Q2 success, highlighting the key drivers behind our strong performance. First, on Cloud Goals. I want to address two items for J4Cloud, both our core business results and then talk about emerging market dynamics. Q2 delivered strong cloud results fueled by expanded annual commitments, helping our customers gain budget clarity and suspending visibility while growing our recurring revenue base. Now with AI adoption exploding, CIOs are rethinking infrastructure at its core. The unpredictable cost of running AI at scale is forcing a shift from cloud first to fit for purpose. This might mean hybrid, balancing cost predictability with agility, compliance, security, and control. JFrog has been hybrid from day one, a unified software supply chain platform that runs in the cloud, on-prem, or both. We are not reacting to this hybrid demand. We've been building for it, giving our customers true freedom of choice. This strategic shift by companies might extend sales cycles of customers that were in the process of migrating workloads to public clouds. But it reflects a deeper enterprise commitment across infrastructures and setups. As customers bet big on AI, they need a robust solution, but also cost predictability. And that's exactly where J4 can help them build smarter for the future. We're heading into H2 confident and focused, aligned with customers' demand, and build for what's next, staying loyal to our disciplined, de-risked approach. Next, to AI and machine learning. Over the past two years, JFrog has not only invested in making our platform the system of record for MLOps and AI driven software delivery, but also partnered with the world's largest companies and leading organizations in the AI ecosystem. Last quarter, we highlighted our partnership with Hugging Face to secure open source AI models. the launch of JFogML to enterprise customers as part of our unified platform, and the growing adoption of JFog by native AI companies using Artifactory as the centerpiece model registry in their software supply chain. In Q2, we were honored to be included in yet another mega initiative in the world of AI when NVIDIA's CEO, Jensen Wong, announced the new enterprise AI factory at the NVIDIA GTC conference. As part of this emerging standard for enterprise AI development, JFrog was announced as the cornerstone software artifact repository and secure model registry for NVIDIA's initiatives. Justin Boitano, NVIDIA's VP of enterprise AI products, noted, quote, enterprises building AI factories need to manage the complexity of AI adoption while ensuring performance, governance, and trust. JFrog's unified software supply chain platform paired with the NVIDIA Enterprise AI Factory validated design enables rapid responsible AI innovation at scale." End quote. We also continue to gain traction with leading AI industry customers as referenced in Q1, as they rapidly adopt the JFrog platform as an infrastructure solution, a system of record for binaries. Just as we previously became the registry and single source of truth for all software packages, containers, and artifacts, or in short, all type of binaries, we are on a mission to become the world's leading AI model registry, offering our customers comprehensive 360 coverage across the entire model lifecycle. To achieve this, we are deepening partnerships with AI industry leaders, expanding our support for the AI ecosystem, and driving community standards for responsible ML and AI adoption. As AI continues to transform the way we live and work, developer tool stacks are evolving rapidly, integrating code assistance tools, to meet growing demands for speed and efficiency. But it's not just tools that are changing. The architecture of software products must now be designed around MCP servers that enable agentic interaction, giving AI technologies access to tools and the system that power modern application development. JFrog is all in as an open platform, building a solution that deeply integrates into the AI ecosystem. Our commitment was also marked by the launch of the JFrog MCP server in mid-July during the AWS Summit in New York. This is not all. As responsible members of the AI community and as a vendor committed to building trust across our customer software supply chain, we recognize that as MCP adoption accelerates in the development world, so does interest from threat actors looking to exploit evolving MCP standards. Our security research team recently uncovered and published significant exploitation risks tied to MCP usage and we're proud to lead the charge in securing the AI community from these emerging threats. Finally, I want to highlight our DevSecOps solutions. In Q2, we saw multiple customers' wins continue to be driven by security, with companies focused on the consolidation of tools, AI model security, and software package curation. For example, during the second quarter, one of the world's largest telecommunication companies expanded its use of JFrog through JFrog curation in a seven-figure deal. As part of their standardization and consolidation efforts across their DevOps and DevSecOps tool sets, they placed a strategic investment in our solution to enforce policies and act as a firewall for the software supply chain. JFrog Security Solutions are boldly transforming the industry, replacing legacy point solution tools with a unified software supply chain platform and blazing the trail with world-class research and cutting-edge innovations to deliver trusted AI. Some of these innovations will be announced at SwampUP. I'm excited to remind you that JFrog will be holding our annual user conference on September 9th and 10th in Napa Valley, California. We'll be announcing new products and strategic partnerships, highlighting new innovations, and delivering new solutions to the market. We look forward to welcoming our community to SwampUP, where the world of every op standards is crafted. With that, I'll turn the call over to our CFO, Ed Grabscheid, with an in-depth recap of Q2 financial results and our updated outlook for Q3 and the full fiscal year of 2025. Ed.

Thank you, Shlomi, and good afternoon, everyone. During the second quarter of 2025, total revenues were $127.2 million, up 23% year over year. Our strong performance during the quarter was a result of continued operational execution driven by strength in our cloud revenues, accelerating adoption and security core products and ongoing demand for our enterprise level subscriptions. Second quarter cloud revenues grew to $57.1 million, up 45% year over year and represented 45% of total revenues versus 38% in the prior year. As Shlomi noted, our strategy remains focused on converting customers with usage above minimum commitments into higher annual contracts. Our growth in the cloud was driven by momentum in the JFrog Security Core and conversion of customers with usage above minimum commitments into higher annual contracts. During the second quarter, our self-managed or on-prem revenues were $70.1 million, up 10% year over year. Aligned with our cloud-first approach, we proactively engage our on-prem customers to migrate DevSecOps workloads to our cloud and enable them to capture even greater long-term value. In Q2, 55% of total revenues came from Enterprise Plus subscriptions, up from 50% in the prior year. Driven by the ongoing execution of our enterprise go-to-market strategy and broader customer adoption of the JFrog platform, revenue contribution from Enterprise Plus subscriptions grew 36% year-over-year. Net dollar retention for the four trailing quarters was 118%, up two points sequentially, driven by the adoption of our security core products and increased data consumption, resulting in higher customer commitments. We continue to demonstrate that our customers view JFrog solutions as mission critical to their software supply chain with gross retention that equaled 97% as of the second quarter 2025. Now I'll review the income statement in more detail. Gross profits in the quarter were $105.7 million, representing a gross margin of 83.1% in line with our guidance range versus 84.4% in the year ago period. The change in gross margin relative to the year-ago period was primarily driven by the increased mix of our cloud revenues. We expect annual gross margins to remain between 82.5% and 83.5% in 2025 due to continued focus on cost optimization with the cloud service providers. Operating expenses in the second quarter were $86.4 million, equaling 68% of revenues. This compares to $73.3 million or 71% of revenues in the year ago period. Our operating profit in Q2 increased to $19.4 million or an operating margin of 15.2% compared to $13.6 million and 13.2% operating margin in the second quarter of 2024. The continued balance between strategic investments and operational efficiency demonstrates our commitment to profitable growth. Cash flow from operations equaled $36.1 million in the second quarter. After taking into consideration CapEx requirements, our free cash flow reached $35.5 million or 28% margin compared to $16 million or 15% margin in the year ago period. Now, turning to the balance sheet, we ended the second quarter of 2025 at $611.7 million in cash and short-term investments, compared to $522 million at the end of 2024. As of June 30th, 2025, our RPO totaled $476.7 million, a 75% increase year over year, benefiting from customers' multi-year commitments to JFrog's DevOps and security offerings. And now, let me turn to our outlook and guidance for Q3 and the full year 2025. While we are pleased with our strong performance in the first half of the year and see pipeline opportunities continuing to build, given the current macro uncertainties, we believe it is prudent to continue to exercise caution in our forward outlook. Our updated guidance range suggests growing contributions from the JFrog Security Core, increases in cloud commitments, and continued adoption of the full JFrog platform. We continue to de-risk our outlook by excluding our largest opportunities given the uncertainty regarding the timing of customer deployments. We estimate full-year 2025 baseline cloud growth to now be in the range of 34% to 36%. Cloud revenue guidance continues to exclude any contribution from usage above our annual customers' minimum commitments. We continue to expect our net dollar retention rate to remain in the mid-teens during 2025. For Q3, we expect revenues to be in the range of $127 million and $129 million with non-GAAP operating profit anticipated to be between $16.5 million and $18.5 million and non-GAAP earnings per diluted share of 15 cents to 17 cents, assuming a share count of approximately 122 million shares. For the full year 2025, we anticipate a revenue range of $507 million to $510 million, representing approximately 18.7% year-over-year growth at the midpoint. Non-GAAP operating income is expected to be between $75 million and $78 million, and non-GAAP diluted earnings per share of 68 cents to 70 cents, assuming a share count of approximately 121 million shares. Now, I'll turn the call back to Shlomi for some closing remarks before we take your questions.

Thank you, Ed. This quarter demonstrated yet another powerful example of JFrog's strong execution and even more remarkable given the adversity we faced. Our team in Israel, supported by the global JFrog team, walked under unimaginable threat, literally under fire during the recent conflict with Iran. This resilience and brotherhood are woven into our DNA, and I'm truly grateful and honored to stand alongside such a courageous and dedicated team. Together, we continue to live stronger, no matter the challenge. We continue to hold onto hope and pray for peace in the world and for the fast release of the 50 hostages held captive by the brutal terror organization Hamas. We deeply wish for their safe return home well before reaching two years in captivity in Gaza's underground tunnels. JFrog's business remains strong, our technology continues to lead, and innovation is growing. We are making meaningful progress toward becoming the system of record for all software. H1 of 2025 was solid and will focus on building even more success ahead. With that, thank you for joining our call and may the frog be with you. Operator, we are now open to take questions.

We will now begin the question and answer session. Please limit yourself to one question and one follow-up. If you would like to ask a question, please raise your hand now. If you have dialed into today's call, please press star 9 to raise your hand and star 6 to unmute. Please stand by while we compile the Q&A roster. Your first question comes from the line of Sanjit Singh with Morgan Stanley. Your line is open. Please go ahead.

Hi, thank you for taking the questions. Can you hear me?

Yes, we can. I send it.

Awesome. Congrats on a strong Q2. Shomi, I wanted to talk a little bit about the evolutions, you know, cloud first, fit for purpose. If I rewind back a couple of years ago, there was this sort of customer hesitation on self-managed data center offering and then sort of looking to secure budget for their cloud initiatives. Could you just talk a little bit more about the evolution that you're seeing now? I just want to sort of unpack your comments in terms of how it would translate into continued cloud growth versus potential self-managed growth going forward, given the evolution that you were speaking to in your earnings script.

Absolutely. Thank you for the question, Sanjit. What we are hearing from our customers, especially those that were in the process of migrating workloads to the cloud, to the public cloud, is that there is a new type of uncertainty coming from the predictability or the ability to predict costs in the world of AI. AI is being adopted rapidly. And therefore, you need to think or rethink where your models will be, where the data will be, how you will train it. And therefore, just going blindly to the cloud is not a responsible move for them. So they take a bit more time to consider that. Obviously, this is more relevant to the high scale companies. A small developer shop that are practicing AI will not start its own data center, but big organizations that are betting heavy on AI will think and rethink where their data centers will be, whether it would be in the cloud, on-prem, or hybrid, as most of them are now talking about.

Understood. My follow-up question goes to a little bit about how some of the product portfolio decisions the team is making is translating to both your growth and your partnerships with the ecosystem. And specifically what I'm referring to is the sunsetting of the JFrog Pipelines product. I was wondering to what extent has that improved your go-to-market collaboration and initiatives with some of the CICD players, including Microsoft, GitHub? And is there any way where that's actually helping put more focus on the security part of the portfolio, which seems like it's also seeing some rising in dots? I'm trying to connect the dots there, but tell me if I'm over-extrapolating.

Yeah, so as you know, our goals is based on a very diverse portfolio, all sectors, all industries, all sides of companies, cloud, on-prem, so different setups, but also different practices. JFrog is the only unified platform that provide DevOps practices, MLOps practices, and DevSecOps practices. This means that we are active in three different calls to accelerate our goals. specifically regarding JFOG pipeline. The moment we found out that most of the world is betting on GitHub action and there are new CI practices coming with the trend of AI, we decided to be number one in what we know how to be number one. Pipeline was not one of them. Therefore, we were focused on the execution and the growth that we established with the new core, mainly security and mainly the migration to the cloud. And I think it was a very smart decision because now, as you can see by the numbers, we are even more focused on the execution. The other thing around it is that it opened door to better integration and better partnership with companies like GitHub, with companies that are doing CI, CD on top of their source code. And I think it's also accelerated the partnership and the go-together to the market without confusing our customers.

Thank you so much, Shlomi, for your thoughts. Congrats on K2.

Thank you very much.

Your next question comes from the line of Andrew Sherman with TD Cowan. Your line is open. Please go ahead.

Oh, great. Thanks. Congrats. Shlomi, it would be great to hear more about the pipeline of large enterprise deals. Sounds like you had some in the quarter. It would be great to hear more about those, maybe about this curation telco big deal. What did they find so compelling and can that be a good indicator of deals to see in the second half?

Yeah, well, thank you, Andrew. Our pipeline is obviously being focused on executing big deals that are combining three factors. Factor number one, migrating to the cloud some workloads and making sure that we are working with our customers in full partnership to have the right commitment. As you know, our guidance are based on commitments and not usage. Second thing, the addition of security, holistic software solution for all the software supply chain in terms of security. One of the things that we noted is this big telecommunication company that added, on top of JFrog Advanced Security, added JFrog Curation as their firewall for binaries between the public hub and their internal software supply chain. And this new emerged solution coming from JFrog And based on the same practices of every ops is the MLOps managing your models 360 all the way to deployment as part of one unified platform. This all goes to the differentiator, super strong differentiator that we bring, which is artifactory as a centerpiece the model registry the system of record for the platform and on top of that we built the capabilities so in terms of the pipeline moving forward in the second half of the year we are very positive uh we are keep the conservative way of looking at the pipeline and de-risking the big deals that might uh move a week or a month here or there and uh we are very positive and based our guidance based on what we've seen

That's great, Shlomi. The security sounds like it had a big impact in the quarter. That's great to see. Was that expected? Or I thought there were a lot of the renewals coming up in the second half. Did any of those pull into this quarter? And how are those renewals going so far, especially for those that were kind of on trial intro pricing and now you're trying to convert to bigger paying customers?

Yeah, so we are very excited about what we see in the security landscape. Not only that our technology is addressing the real pain and the real threat of today's software supply chain, but also the narrative of consolidating security around the platform and not point solution is catching up really, really fast. In terms of renewal, I think that if you... If you look at our retention rate, it's still very, very high. So it says something about all the renewal that happened in this year. And also in terms of the adoption of more and more security tools with more partners that are reaching out to JFrog and asked to partner with our security tools, we are very positive about 2025 as we were in 2024. Great.

Thank you.

Your next question comes from the line of Miller Jump with Truist. Your line is open. Please go ahead.

Hey, great. Thank you for taking the questions and congratulations on the strong results. I just want to stay with this idea of Artifactory getting used as the centerpiece and as a model registry for customers. Can you just talk about the consumption trends that you see when customers make this decision? Is there like a notable step up or acceleration that's being driven there?

Absolutely, Mila. Listen, you guys remember that JFrog started as a software package, an artifact repository company. And then 2014 to 2016, Docker changed every developer's life with bringing containers in. And JFrog became the biggest container registry of the world, the biggest Docker registry of the world. What we are now facing is an amazing opportunity because AI models are yet another binary. So part of our strategy is to become the model registry of the world. And by that, you are not only supporting software packages, containers, and all types of artifacts, but also models as the infrastructure of the primary asset of AI. That means that most of our customers, when they are now looking at the need for model registry, because everybody's implementing AI, when they are looking at a need for a model registry, they actually have two choices. A, to consolidate it around one system of record, one single source of tools, which is artifactory, with all other 30 packages. or to have a standalone model registry which will break the system of record rule to keep your company safe, secured, and efficient when you build software and release software. That, we estimate, you know, AI is the big, big world today, but we estimate that that will not only contribute to the stickiness of the platform and the extension of the platform with all the add-ons that we added on top of Artifactory, It will also position JFrog as a centerpiece of your software supply chain because there is no primary asset, no other primary asset but models in the world of AI. And it doesn't matter if software is being created by human beings or by agents. It will still require a system of record. So to your question, we assume that the need for Artifactory and the fact that it's playing a centerpiece will only grow.

Makes sense. I want to stay with AI. Last quarter, you talked about a key AI technology leader that you landed as a customer. I'm just curious if there's any update on the work that you're doing with them and then how that ramped versus your expectations in the quarter.

We are extremely, extremely excited about the partnership with them. It was not included in the call, but I can tell you that they upgraded their subscription and doubled their bet on the annual basis with JFrog in just one quarter. So we are not just operating in the world of AI, but also security and DevOps, but AI is growing fast.

Very exciting. Thank you.

Your next question comes from the line of Kingsley Crane with Canaccord. Your line is open. Please go ahead.

Hey, congrats on the quarter. First question. So with AI enabling smaller teams to ship code faster, do you see a world where JFrog becomes even more critical to smaller orgs and teams? And are you already starting to see that with some new customer interest?

What a great question, Kingsley. And I think that... what we see today is that something fundamental has been changed. First of all, if you were a developer yesterday, you had your IDE, you had your CICD, source code and JFrog, fine. Now there is a new piece, it's called code assistance. So it's not only you, there is a code assistance next to you. And the second piece is the architecture that was changed as well with MCP. This is how you build platform today. In both cases, And with every environment that you will have, cloud, on-prem, this AI or another, this code assistance or another, you will still need a model registry. It's fundamental. And you will still need to manage your security around one flow, one pipeline. Therefore, we see JFrog stepping in in a very kind of strong infrastructure role. And we are betting on that and with the expertise that we build throughout the years.

Great. That's really encouraging to hear. And Ed, really impressive cash flow in the front half of the year. Is there any reason why this year would be more front and loaded than last year? Thanks.

Yeah, that's a great question, Kingsley. As you remember, we have many multi-year deals that we've closed. It's reflected in our RPO that happened in the second half of 2024 and that continued. in the first half of 2025. And this is what's really driving the free cash flow. In the second half of the year, as Shlomi had noted, we are de-risking our largest deals. This is a big driver of our cash flow. Assuming that those deals come through, I don't see a change in our free cash flow from what we would anticipate going forward. But it's all contingent, of course, on the multi-year deals as well as these large deals. But we remain very focused on profitability. We remain very focused on our free cash flow. And we've delivered strong cash flow in the past. And we continue to focus on that going forward.

Really helpful. Thanks.

Your next question comes from the line of Mark Cash with Raymond James. Your line is open. Please go ahead.

Great. Thank you. Shlomi, if I could start with you, I wanted to ask on the overconsumption happening in the cloud. I think last quarter you talked about how you didn't really see the budgets, but may have been developers experimenting here and there. And you have another really strong performance this quarter and seeing success with converting to larger commits. So has there been a change in budgets and are you seeing experimentation move to actual programs now?

Yeah, Mark, so you remember very well. First of all, we see more usage mainly around when you use JFOG infrastructure for your model, so there will be more data consumption, there will be more storage consumption. Same thing for containers and everything that has to do with AI, if you refer to this specifically. You have to remember that our strategy is that every time that we see an overusage on top of the commitment of the customer, our team is being sent to offer a better deal for the customer and to get an annual commitment. This is how we guide you. This is how we preserve our conservatism and keep ourselves in line with the plans. Overall, we see a healthy consumption, not yet in the days of 2022, but we see a healthy growing consumption.

Okay, thank you. And if Ed, if I could ask you one, just an absolutely, you know, another massive RPO quarter that's actually accelerating, going to be lapping three very large deals this quarter in 3Q. Is there anything we should be considering from an RPO or CRPO dynamic when looking at quarter-by-quarter year-over-year compares to make sure we're not getting too far ahead of ourselves in like a booking perspective for 3Q or the second half? Thank you.

Yeah, thank you. That's a very smart question, Mark. And we don't always see a correlation between our CRPO or RPO to revenue. So we think revenue is a good indicator and the guidance that I've given you in the revenue is what I would use to forecast going forward. But you have to remember our RPO takes into consideration factors of multi-year, takes into consideration the timing of when those bookings happened. We had three of the largest deals during the second half of 2024. So RPO may be impacted if larger deals do not transpire, but by the way, de-risked out of our guidance going forward. So RPO is a great indicator, but it's not the indicator that we would lead you to continue to look at the guidance that we provide on our revenues.

Your next question comes from the line of Shrenik Kothari with Baird. Your line is open. Please go ahead.

Hey, great. This is Zack Schneider on Frustrating. Thanks for taking our questions and congrats on the strong results. So following up on a previous question with cloud adoption continuing and DevSecOps needs shifting earlier in the life cycle, how are you leveraging your hyperscaler partnerships for CoSell, Marketplace, Attach? Maybe what percent of new security wins in the quarter were sourced via these marketplaces or just driven by this channel influence?

Yes, Yannick, this is Shlomi. I'll take the call and feel free to chime in. The collaboration with the cloud providers is very important because of two reasons. A, it helps us to accelerate deals, especially mega deals that are coming in. That mainly through the marketplace and with a lot of collaboration from AWS, GCP, and Microsoft Azure. We have strong relationship with them. Some of the deals we are accelerating together. This is not just co-sell and partnership. This is also kind of co-services even when we are going with the customer, scaling with the customer. The second side of it is obviously optimizing the cost. As Ed mentioned on the call, we are optimizing the contracts with this hyperscaler. We are looking at the gross margin, being very responsible to how we go in the cloud. So not just pushing the pedal all the way down, but also to do it in a responsible, smart way.

Great. Makes total sense. And then I guess switching gears a little, obviously sounds like strong sequential growth in AI ML package usage across the platform. Are there any new usage tiers, ingestion thresholds? Should we expect any pricing model changes in 2026 to really capitalize on this trend?

Yeah, so what we saw actually in terms of the usage for AI packages, and I think you're probably calling out the hugging face in PyPy that we called out in the first quarter, it was more of stabilization or sustained usage on a quarter-over-quarter basis. It's still very early, and we're evaluating the monetization of AI is still in the infancy stage. But once that starts to mature, we'll certainly capture value.

Great, thanks a lot.

Your next question comes from the line of Jason Ader with William Blair. Your line is open. Please go ahead.

Yeah, thank you. Can you hear me okay?

We hear you well, Jason.

Okay. Good to talk to you guys. Shlomi, I just want to take a step back. Can you talk about the impact of all the AI coding tools? I mean, there's just so much happening there every week. It seems like there's a new announcement and it's pretty powerful stuff, obviously. What What impact has that had on the DevOps tool chain in general and on your business in specific? And if it hasn't had an impact yet, can you just talk about how you think it might play out over time?

Yes. As I mentioned before, Jason, there is a new creature in the tool stack of every developer now. It's called code assistance. If you're a junior developer or experienced developer, it doesn't really matter, no matter what language you use and no matter what code you're writing. This is part of your tool chain. And this item in your tool chain is now helping you to build faster and create more. What you create more is more binaries. And therefore, we are happy about this change, as long as these binaries are hosted in JFrog. So we are happy about that. It also means that there are all kinds of new threats that are coming. We mentioned the MCP server. MCP is the number one change in every company today. If you refresh your browser, you will see five more companies that added MCP to their tool stack. The fact that it's being adopted so fast is also the biggest risk that comes with it. The threat and the hackers are there. They know how fast this is happening. And every new company that adopt MCP architecture and, and, and the new code assistance rules, they're also subject to, uh, maybe, uh, a threat of, uh, a security solution. Therefore a security threat. Sorry. Therefore, um, we see how JFrog become more and more relevant, not only with the technology, but also with the holistic approach of building these layers of security and automation on top of the factory. Now, remember, this is not just a one kind of partnership with one tool in the market. JFrog tools are agnostic to all integrations. So whether it's Cursor or Windsurf or whether it's MCP from this company or another company, JFrog is still the system of record for you.

Okay, great. So, I mean, just to to round out the question, do you feel like it's benefiting you guys yet? All of this kind of front end AI coding or is still not moving the needle yet?

Well, for sure, there are new threats that are coming. And when you speak with a customer about security and what you need to protect, model security are coming on every discussion. So the answer is yes. It's still very early in the process. People are still trying to understand how this new environment looks like, but all of them are aware of the threat and therefore open to to have discussion with modern solution and not yesterday's solution. The second thing, as I mentioned before, if you have your Docker registry in Artifactory, your Python registry in Artifactory, your Java repository in Artifactory, then why you would go with the modern registry as a standalone? So my answer is yes. And still, I will stay humble and say it's still too early to say it will completely change everything we guided for in the next in the next years.

Okay, great. And then just if I can sneak one in for Ed. Ed, you guys have talked about security being a material part of the business in 2025. Can you just update us on that? And is Will you be able at some point to give us some more granularity around the contribution of security to the JFrog business?

Yeah, what we've committed to, Jason, and we did this at the end of 2024, was we gave the metrics around our attach rates with security, and we plan to do the same thing during 2025. We see nice momentum. We're excited about what security can bring, but we'll give you an update at the end of the year.

All right. Thank you. Good luck.

Thank you.

Your next question comes from the line of Jonathan Recaver with Kantor. Your line is open. Please go ahead. Jonathan, just a reminder to unmute yourself.

Can you hear me? Oh, we can hear now, Jonathan. Okay. Yeah, so the MCP opportunity, I'd just like you to talk a little bit more about that. I think it was two weeks ago that GitHub announced a critical flaw in its MCP server, and I think some attackers were actually able to manipulate AI agents into leaking sensitive data. So how do you see that solution, not only today, but when you look at securing data AI agent behavior relative to repositories. What is that opportunity for you? And will we see additional capabilities? It seems like, from what I understand, it's a basic kind of entry-level offering, but there are a lot of other threats around protocols, around access for these MCP servers that still need to be addressed. So just talk about that position and what it looks like 12 months from now.

Yeah, John, MCP is the new way in the world of software products to interact with your product, to build the integration. JFrog philosophy from day one was the philosophy of too integrated to fail. Basically, there is no tool on the planet, on our planet, which is off the supply chain, that doesn't integrate with JFrog. CICD, security, databases, storage, because we became the system of record for all binaries. So it was based on APIs and it was based on REST technology. And now in the world of AI, when it's not only a human being that need to integrate with your tool, but also agents and machines, MCP is the protocol that will allow them to come in and integrate with J4 platform or with any other platform. So therefore MCP, became very, very important for every product provider. If you want the world of AI to interact with your tool or with your platform, you have to enable MCP at the front. In terms of the other note, everybody's using MCP. and everybody's installing MCP, and everybody's having an MCP user, and that by itself is a threat that is addressed by hackers. So JFrog research team also unveiled a threat and a vulnerability in the world of MCP, and we shared it obviously immediately with the public. That obviously will give us points when we come to AI security and trustable AI in your software supply chain.

Yep. And Shlomi, as a quick follow on, where do you see this opportunity? Will it be aimed more at the foundational model providers like OpenAI and Anthropic or large enterprise or both?

No, it's not at all one company or another. Every agent, you can assume that in the future or not in the future, it's already in the present, but it will exceed in the future. Not only developers will write code, but also agents. So if I want this new persona to see JFrog as a system of record, I have to open the door for it. So every type of agentic AI that will interact with JFrog will come through an MCP integration. I got it. Thank you.

Your next question comes from the line of Ramo Lenshaw with Barclays. Your line is open. Please go ahead.

Hey, guys. This is Damon Coggan on for Ramo. Thanks for taking the question, and we're in a great quarter. Can we dig a little deeper into linearity in the quarter? Should we view 2Q's performance broadly as a continuation of the customer usage from Q1? And did you see a continuation of these trends in July?

So first let me just start by saying, I will not comment on anything in the third quarter. I'll go back to the second quarter and give you an update on what happened. There was three dynamics with our cloud. First was security wins. We're starting to see customers uptake in their security and big security wins, those tend to land in the cloud. So that was dynamic number one. The second piece was the usage. We had customers that saw benefit of taking a larger agreement, annual agreement with JFrog. These were users that were using over minimum commitments and we secured those. The confidence that gave me is reflected in my guidance that I gave to you and the 34 to 36% on the cloud. The third piece is the sustained usage. So for those customers that were using over minimum commitments, that has been sustained on a quarter over quarter basis.

Yeah, thanks. That's super helpful. And then great to see continued cloud growth acceleration in the quarter. But can you help us understand the key drivers of your subscription self-managed portfolio? Yeah.

Yeah, why don't I answer here? Self-managed, we address that on the call as well. There is a new trend now that AI might need a hybrid solution. Now, what can be better than an identical product? Hybrid means that it's identical in the cloud and on-prem. So that's a new trend. mainly driven by the AI adoption and the seek for cost predictability and stability. The second thing that we see in the on-prem is just like what Ed mentioned in the cloud. Our on-prem customers are also looking for security. So the fact that we have our security available for you in the cloud, but also as a self-hosted or private cloud is also a benefit. And we see that this growth generated by these trends as well.

Thanks, guys.

Your next question comes from the line of Koji Akita with Bank of America. Your line is open. Please go ahead.

Hey guys, uh, this is George McGreehan on for Koji. Uh, thank you for taking that question here. Uh, I just wanted to ask with the strong momentum we're seeing in security deals, um, and, and how that's contributing to, um, you know, forward looking metrics like the acceleration and RPO, um, you know, what would you say is, is there any change in that competitive landscape for security, um, and any notable changes in, in win rates and, um, How really are the tone of conversations with customers now when you're talking about security deals versus maybe in the past a year or two years ago?

Yeah, thank you, George, for this question. It comes in two different ways, as I mentioned, and as you know, on the JFrog go-to-market strategy with security. First of all, our customers, whether it's the CISO or the CIO or both, They are asking to look for consolidation and they will push very hard on it, not only because of the cost benefit from it, but also from the enormous number of scanners that they used to have just two years ago, three years ago. Every developer brought another tool. Every compliance group brought another tool. It became a zoo of scanners, and they are looking for consolidation and obviously also benefiting from the efficiency and the cost perspective. This is more business side and management side. What happened on the technology side is that there are a lot of new threats that cannot be identified by the previous software that covered software supply chain security. if you if you remember what we spoke about in the previous quarter the fact that we scanned the entire hugging phase 1.5 models and provided not only vulnerability findings but also contextual analysis telling you not only that we found this vulnerability that maybe every scanner can find but also how exposed are you to this risk and if you should waste time on doing it and the third thing is that model security is a new thing. Nobody knows really how to cover it. And since models are hosted at JFrog and also the data, the metadata that you train models with, we have better access to this asset and better visibility to this asset. And I would welcome you to SwampUp when we will speak about it even more and even share some great innovations with you to address this pain. There is no CISO. in today's world that is not waking up at night several times because of model security. And I think that this is another driver that pushes JFrog to be a relevant player, not only in the world of DevSecOps, but in the world of MLSecOps as well.

Your next question comes from the line of William Mandel with KeyBank Capital Markets. Your line is open. Please go ahead.

Hey, guys. This is Billy on for Jason Salino. Thanks for taking the question. Shalomi, it sounds like there's strong demand for the security core, but curious what customer reception has been around runtime security, maybe how that is contributing to the strength you're seeing in your security business.

Yeah, hi, Billy. I think that cyber is important, runtime is important, and DevSecOps and software supply chain is important. This is a complementary solution. We were all very excited to see the acquisition of Palo Alto, which emphasized their advantage in the world of cyber and runtime. And if you look at the growing demand for software supply chain security, it's coming from a different threat and a different need. And I think that they will coexist together.

Your final question comes from the line of Rob Owens with Piper Sandler. Your line is open. Please go ahead.

Yeah, good afternoon and thanks for squeezing me in. Obviously very exciting about security success that you guys are seeing here. Curious if you look at those deals. I know you're going to give us more information around attach rates at year's end, but any sense that you can give us in terms of what this is doing to pricing, especially as you're seeing certain customers maybe take that end-to-end portfolio? Thanks.

Yeah, hi Rob. So yes, as you've mentioned, we will provide more details at the end of the year as we did in 2024. Pricing and subscription model is something that we are looking at, especially now when there are some innovations and new offerings that we will announce at SwampUP. There might be new packages for security and new packages for advanced adopters of our security solution. And we also have to think about the fact that, you know, JFrog started to bring the software supply chain security not too long ago to the market. So we have to be focused on the adoption. We have to be focused on growing within our portfolio with a number of logos. So the entry point is also important. But stay tuned. There are some announcements that will change some of the subscription package on the security layer as well.

Appreciate the caller. Have a good evening.

There are no further questions at this time. I will now turn the call back to Shlomi for closing remarks.

Thank you, everyone, for joining the call. We are very, very excited about the momentum. We also appreciate all of your questions and may the frog be with you.

This concludes today's call. Thank you for attending. You may now disconnect.