JFrog Ltd. (NASDAQ:FROG) Q2 2025 Earnings Call Transcript

JFrog Ltd. (NASDAQ:FROG) Q2 2025 Earnings Call Transcript August 8, 2025

Operator: Ladies and gentlemen, thank you for joining us, and welcome to the JFrog Second Quarter 2025 Financial Results Earnings Call. [Operator Instructions]. I will now hand the conference over to Jeffrey Schreiner, Head of Investor Relations. Jeffrey, please go ahead.

Jeffrey Allan Schreiner: Thank you, Nicole. Good afternoon, and thank you for joining us as we review JFrog’s Second Quarter 2025 financial results, which were announced following market close today via press release. Leading the call today will be JFrog’s CEO and Co-Founder, Shlomi Ben Haim; and Ed Grabscheid, JFrog’s CFO. During this call, we may make statements related to our business that are forward-looking under federal securities laws and made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements relating to our future financial performance, including our outlook for Q3 and the full year of 2025. The words anticipate, believe, continue, estimate, expect, intend, will and similar expressions are intended to identify forward-looking statements or similar indications of future expectations.

You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today and not as of any subsequent date. Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from expectations. For a discussion of material risks and other important factors that could affect our results, please refer to our Form 10- K for the year ended December 31st, 2024, which is available on the Investor Relations section of our website and the earnings press release issued earlier today.

Additional information will be made available in our Form 10-Q for the quarter ended June 30th, 2025, and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as measures of JFrog’s performance, should be considered in addition to, not as a substitute for or in isolation from GAAP measures. Please refer to the tables in our earnings release for a reconciliation of those measures to their most directly comparable GAAP financial measures. A replay of this call will be available on the JFrog Investor Relations website for a limited time. With that, I’d like to turn the call over to JFrog’s CEO, Shlomi Ben Haim.

Shlomi?

Shlomi Ben Haim: Thank you, Jeff. Good afternoon, and thank you all for joining the call. As the JFrog platform becomes the system of record for all software packages, I’m pleased to report another excellent quarter for the company. We continue to execute with discipline, aiming to meet the growing market demand for a unified platform that enables trusted, scalable software delivery. In Q2, JFrog software revenue was $127.2 million, up 23% year-over-year. Our operating margin was 15.2% in the quarter, demonstrating consistent execution, while maintaining disciplined strategic investments. Cloud revenue for Q2 equaled $57.1 million, representing 45% year-over-year growth. We observed sustained cloud usage, while maintaining a strategic focus on converting customers with steady usage above minimum commitment into annual contracts.

Our enterprise focus, product and go-to-market bore fruit again this quarter. I’m pleased to report that our greater than $1 million customers grew to 61 compared to 42 in the year ago period, equaling 45% growth year-over-year. Customers spending more than $100,000 annually grew to 1,076 compared to 928 in the year ago period, equaling 16% year-over-year growth. Our trailing 4 quarters net dollar retention increased sequentially, driven by continued adoption of our security product and solid growth across our customer base. Ed will discuss this in greater detail later in the call. Entering the second half of 2025, we are confident that our focus on DevOps, security and MLOps aligns with modern software demands. This quarter’s success was fueled by continued cloud growth, rising demand for our unified security solutions and a clear value proposition in the rapidly evolving world of Agentic AI and MLOps.

Now I will take a moment to spotlight what powered our Q2 success, highlighting the key drivers behind our strong performance. First, on cloud growth. I want to address 2 items for JFrog Cloud, both our core business results and then talk about emerging market dynamics. Q2 delivered strong cloud results fueled by expanded annual commitments, helping our customers gain budget clarity and SaaS spending visibility, while growing our recurring revenue base. Now with AI adoption exploding, CIOs are rethinking infrastructure at its core. The unpredictable cost of running AI at scale is forcing a shift from cloud first to fit for purpose. This might mean hybrid, balancing cost predictability with agility, compliance, security and control. JFrog has been hybrid from day 1, a unified software supply chain platform that runs in the cloud, on-prem or both.

We are not reacting to this hybrid demand. We’ve been building for it, giving our customers true freedom of choice. This strategic shift by companies might extend sales cycles of customers that were in the process of migrating workloads to public clouds, but it reflects a deeper enterprise commitment across infrastructures and setups. As customers bet big on AI, they need a robust solution, but also cost predictability, and that’s exactly where JFrog can help them build smarter for the future. We’re heading into H2 confident and focused, aligned with customers’ demand and build for what next, staying loyal to our disciplined derisked approach. Next, to AI and machine learning. Over the past few years, JFrog has not only invested in making our platform the system of record for MLOps and AI-driven software delivery, but also partnered with the world’s largest companies and leading organizations in the AI ecosystem.

Last quarter, we highlighted our partnership with Hugging Face to secure open source AI models, the launch of JFrog ML to enterprise customers as part of our unified platform and the growing adoption of JFrog by native AI companies using Artifactory as the centerpiece model registry in their software supply chain. In Q2, we were honored to be included in yet another mega initiative in the world of AI when NVIDIA’s CEO, Jensen Huang, announced their new enterprise AI factory at the NVIDIA GTC Conference. As part of this emerging standard for enterprise AI development, JFrog was announced as the cornerstone software artifact repository and Secure Model Registry for NVIDIA’s initiatives. Justin Boitano, NVIDIA’s VP of Enterprise AI Products noted, “enterprises building AI factories need to manage the complexity of AI adoption, while ensuring performance, governance and trust.

JFrog’s unified software supply chain platform paired with the NVIDIA Enterprise AI factory validated design enables rapid responsible AI innovation at scale”. We also continue to gain traction with leading AI industry customers as referenced in Q1 as they rapidly adopt the JFrog platform as an infrastructure solution, a system of record for binaries. Just as we previously became the registry and single source of truth for all software packages, containers and artifacts or in short, all type of binaries, we are on a mission to become the world’s leading AI model registry, offering our customers comprehensive 360 coverage across the entire model life cycle. To achieve this, we are deepening partnerships with AI industry leaders, expanding our support for the AI ecosystem and driving community standards for responsible ML and AI adoption.

As AI continues to transform the way we live and work, developer tool stacks are evolving rapidly, integrating code assistant tools to meet growing demands for speed and efficiency. But it’s not just tools that are changing. The architecture of software products must now be designed around MCP servers that enable agentic interaction, giving AI technologies access to tools and the system that power modern application development. JFrog is all in as an open platform, building a solution that deeply integrates into the AI ecosystem. Our commitment was also marked by the launch of the JFrog MCP server in mid-July during the AWS Summit in New York. This is not all. As responsible members of the AI community and as a vendor committed to building trust across our customers’ software supply chain, we recognize that as MCP adoption accelerates in the development world, so does interest from threat actors looking to exploit evolving MCP standards.

Our security research team recently uncovered and published significant exploitation risks tied to MCP usage, and we’re proud to lead the charge in securing the AI community from these emerging threats. Finally, I want to highlight our DevSecOps solutions. In Q2, we saw multiple customers wins continue to be driven by security with companies focused on the consolidation of tools, a model security and software package curation. For example, during the second quarter, one of the world’s largest telecommunication companies expanded its use of JFrog through JFrog Curation in a 7-figure deal. As part of their standardization and consolidation efforts across their DevOps and DevSecOps tool sets, they placed a strategic investment in our solution to enforce policies and act as a firewall for their software supply chain.

JFrog security solution are boldly transforming the industry, replacing legacy point solution tools with a unified software supply chain platform and blazing the trail with world-class research and cutting-edge innovations to deliver trusted AI. Some of these innovations will be announced at swampUP. I’m excited to remind you that JFrog will be holding our Annual User Conference on September 9th and 10th in Napa Valley, California. We’ll be announcing new products and strategic partnerships, highlighting new innovations and delivering new solutions to the market. We look forward to welcoming our community to swampUP, where the world of every of op standards is crafted. With that, I’ll turn the call over to our CFO, Ed Grabscheid, with an in-depth recap of Q2 financial results and our updated outlook for Q3 and the full fiscal year of 2025.

Ed?

Eduard Grabscheid: Thank you, Shlomi, and good afternoon, everyone. During the second quarter of 2025, total revenues were $127.2 million, up 23% year-over-year. Our strong performance during the quarter was a result of continued operational execution, driven by strength in our cloud revenues, accelerating adoption in security core products and ongoing demand for our enterprise-level subscriptions. Second quarter cloud revenues grew to $57.1 million, up 45% year-over-year and represented 45% of total revenues versus 38% in the prior year. As Shlomi noted, our strategy remains focused on converting customers with usage above minimum commitments into higher annual contracts. Our growth in the cloud was driven by momentum in the JFrog Security Core and conversion of customers with usage above minimum commitments into higher annual contracts.

During the second quarter, our self-managed or on-prem revenues were $70.1 million, up 10% year-over-year. Aligned with our cloud-first approach, we proactively engage our on-prem customers to migrate DevSecOps workloads to our cloud and enable them to capture even greater long-term value. In Q2, 55% of total revenues came from Enterprise Plus subscriptions, up from 50% in the prior year. Driven by the ongoing execution of our enterprise go-to-market strategy and broader customer adoption of the JFrog platform, revenue contribution from Enterprise Plus subscriptions grew 36% year-over-year. Net dollar retention for the 4 trailing quarters was 118%, up 2 points sequentially, driven by the adoption of our security core products and increased data consumption, resulting in higher customer commitments.

We continue to demonstrate that our customers view JFrog solutions as mission-critical to their software supply chain with gross retention that equaled 97% as of the second quarter 2025. Now I’ll review the income statement in more detail. Gross profits in the quarter were $105.7 million, representing a gross margin of 83.1%, in line with our guidance range versus 84.4% in the year ago period. The change in gross margin relative to the year ago period was primarily driven by the increased mix of our cloud revenues. We expect annual gross margins to remain between 82.5% and 83.5% in 2025 due to continued focus on cost optimization with the cloud service providers. Operating expenses in the second quarter were $86.4 million, equaling 68% of revenues.

This compares to $73.3 million or 71% of revenues in the year ago period. Our operating profit in Q2 increased to $19.4 million or an operating margin of 15.2% compared to $13.6 million and 13.2% operating margin in the second quarter of 2024. The continued balance between strategic investments and operational efficiency demonstrates our commitment to profitable growth. Cash flow from operations equaled $36.1 million in the second quarter. After taking into consideration CapEx requirements, our free cash flow reached $35.5 million or 28% margin compared to $16 million or 15% margin in the year ago period. Now turning to the balance sheet, wended the second quarter of 2025 at $611.7 million in cash and short-term investments compared to $522 million at the end of 2024.

As of June 30th, 2025, our RPO totaled $476.7 million, a 75% increase year-over-year, benefiting from customers’ multiyear commitments to JFrog’s DevOps and security offerings. And now let me turn to our outlook and guidance for Q3 and the full year 2025. While we are pleased with our strong performance in the first half of the year and see pipeline opportunities continuing to build, given the current macro uncertainties, we believe it is prudent to continue to exercise caution in our forward outlook. Our updated guidance range suggests growing contributions from the JFrog Security Core, increases in cloud commitments and continued adoption of the full JFrog platform. We continue to derisk our outlook by excluding our largest opportunities given the uncertainty regarding the timing of customer deployments.

We estimate full year 2025 baseline cloud growth to now be in the range of 34% to 36%. Cloud revenue guidance continues to exclude any contribution from usage above our annual customers’ minimum commitments. We continue to expect our net dollar retention rate to remain in the mid-teens during 2025. For Q3, we expect revenues to be in the range of $127 million and $129 million, with non-GAAP operating profit anticipated to be between $16.5 million and $18.5 million and non-GAAP earnings per diluted share of $0.15 to $0.17, assuming a share count of approximately 122 million shares. For the full year 2025, we anticipate a revenue range of $507 million to $510 million, representing approximately 18.7% year-over- year growth at the midpoint. Non-GAAP operating income is expected to be between $75 million and $78 million and non-GAAP diluted earnings per share of $0.68 to $0.70, assuming a share count of approximately 121 million shares.

Now I’ll turn the call back to Shlomi for some closing remarks before we take your questions.

Shlomi Ben Haim: Thank you, Ed. This quarter demonstrated yet another powerful example of JFrog’s strong execution and even more remarkable given the adversity we faced. Our team in Israel, supported by the global JFrog team, worked under unimaginable threat, literally under fire during the recent conflict with Iran. This resilience and brotherhood are woven into our DNA, and I’m truly grateful and honored to stand alongside such a courageous and dedicated team. Together, we continue to live stronger no matter the challenge. We continue to hold on to hope and pray for peace in the world and for the fast release of the 50 hostages held captive by the brutal terror organization from us. We deeply wish for their safe return home well before reaching 2 years in captivity in Gaza’s underground tunnels.

JFrog’s business remains strong. Our technology continues to lead and innovation is growing. We’re making meaningful progress towards becoming the system of record for all software. H1 of 2025 was solid, and we’re focused on building even more success ahead. With that, thank you for joining our call and may the frog be with you. Operator, we are now open to take questions.

Q&A Session

Operator: [Operator Instructions] Your first question comes from the line of Sanjit Singh with Morgan Stanley.

Sanjit Kumar Singh: Can you hear me? Awesome. Congrats on a strong Q2. Shlomi, I wanted to talk a little bit about the evolutions, cloud first fit for purpose. If I rewind it back a couple of years ago, there was this sort of customer hesitation on self-managed data center offering and then sort of looking to secure budget for their cloud initiatives. Could you just talk a little bit more about the evolution that you’re seeing now? I just want to sort of unpack your comments in terms of how it would translate into continued cloud growth versus potential self-managed growth going forward given the evolution that you were speaking to in your earnings script?

Shlomi Ben Haim: Absolutely. Thank you for the question, Sanjit. What we are hearing from our customers, especially those that were in the process of migrating workloads to the cloud, to the public cloud, is that there is a new type of uncertainty coming from the predictability or the ability to predict costs in the world of AI. AI is being adopted rapidly. And therefore, you need to think or rethink, where your models will be, where the data will be, how you will train it. And therefore, just going blindly to the cloud is not a responsible move for them. So they take a bit more time to consider that. Obviously, this is more relevant to the high-scale companies. a small developer shop that are practicing AI will not start its own data center, but big organizations that are betting heavy on AI will think and rethink, where their data centers will be, whether it would be in the cloud, on-prem or hybrid as most of them are now talking about.

Sanjit Kumar Singh: Understood. My follow-up question goes to a little bit about how some of the product portfolio decisions the team is making is translating to your — both your growth and your partnerships within the ecosystem. And specifically, what I’m referring to is like the sunsetting of the JFrog Pipelines product, I was wondering to what extent has that improved your go-to-market collaboration and initiatives with some of the CI/CD players, including Microsoft GitHub? And is there any way where that’s actually helping put more focus on the security part of the portfolio, which seems like it’s also seeing some rising adoption. I’m trying to connect the dots there, but tell me if I’m over extrapolating.

Shlomi Ben Haim: Yes. So as you know, our growth is based on a very diverse portfolio, all sectors, all industries, all size of companies, cloud, on-prem, so different setups, but also different practices. JFrog is the only unified platform that provides DevOps practices, MLOps practices and DevSecOps practices. This means that we are active in 3 different [ course ] to accelerate our growth. Specifically regarding JFrog Pipeline, the moment we found out that most of the world is betting on GitHub action and there are new CI practices coming with the trend of AI, we decided to be #1 in what we know how to be #1. Pipeline was not one of them. Therefore, we were focused on the execution and the growth that we established with the new core, mainly security and mainly the migration to the cloud.

And I think it was a very smart decision because now, as you can see by the numbers, we are even more focused on the execution. The other thing around it is that it opened door to better integration and better partnership with companies like GitHub, with companies that are doing CI/CD on top of the source code. And I think it’s also accelerated the partnership and the go together to the market without confusing our customers.

Operator: Your next question comes from the line of Andrew Sherman with TD Cowen.

Andrew Michael Sherman: Congrats. Shlomi, it would be great to hear more about the pipeline of large enterprise deals. It sounds like you had some in the quarter. It would be great to hear more about those, maybe about this Curation telco big deal. What do they find so compelling? And can that be a good indicator of deals to see in the second half?

Shlomi Ben Haim: Yes. Well, thank you, Andrew. Our pipeline is obviously being focused on executing big deals that are combining 3 factors. Factor number one, migrating to the cloud, some workloads and making sure that we are working with our customers in full partnership to have the right commitment. As you know, our guidance are based on commitments and not usage. Second thing, the addition of security, holistic software solution for all the software supply chain in terms of security. One of the things that we noted is this big telecommunication company that added on top of JFrog Advanced Security added JFrog Curation as their firewall for binaries between the public hub and their internal software supply chain. And this new emerged solution coming from JFrog — and based on the same practices of every Ops is the MLOps, managing your models, 360 all the way to deployment as part of one unified platform.

This all goes to the differentiator, super strong differentiator that we bring, which is Artifactory as a centerpiece, the model registry, the system of record for the platform. And on top of that, we build capabilities. So in terms of the pipeline moving forward in the second half of the year, we are very positive. We keep the conservative way of looking at the pipeline and derisking the big deals that might move a week or a month here or there. And we are very positive and based our guidance based on what we’ve seen.

Andrew Michael Sherman: That’s great, Shlomi. The security sounds like it had a big impact in the quarter. That’s great to see. Was there some — was that expected? Or I thought there were a lot of the renewals coming up in the second half. Did any of those pull into this quarter? And how are those renewals going so far, especially for those that were kind of on trial intro pricing and now you’re trying to convert to bigger paying customers?

Shlomi Ben Haim: Yes. So we are very excited about what we see in the security landscape, not only that our technology is addressing the real pain and the real threat of today’s software supply chain, but also the narrative of consolidating security around the platform and [ endpoint ] solution is catching up really, really fast. In terms of renewal, I think that if you look at our retention rate, it’s still very, very high. So it says something about all the renewals that happened in this year. And also in terms of the adoption of more and more security tools with more partners that are reaching out to JFrog and ask to partner with our security tools, we are very positive about 2025 as we were in 2024.

Operator: Your next question comes from the line of Miller Jump with Truist.

William Miller Jump: Congratulations on the strong results. I just want to stay with this idea of Artifactory getting used as the centerpiece and as a model registry for customers. Can you just talk about the consumption trends that you see when customers make this decision? Is there like a notable step-up or acceleration that’s being driven there?

Shlomi Ben Haim: Absolutely, Miller. Listen, you guys remember that JFrog started as a software package and artifact repository company. And then 2014 to 2016, Docker changed every developer’s life with bringing containers in. And JFrog became the biggest container registry of the world, the biggest Docker registry of the world. What we are now facing is an amazing opportunity because AI models are yet another binary. So part of our strategy is to become the model registry of the world. And by that, we are not only supporting software packages, containers and all type of artifacts, but also models as the infrastructure of the primary asset of AI. That means that most of our customers, when they are now looking at the need for model registry because everybody is implementing AI.

When they are looking at the need for a model registry, they actually have 2 choices: a, to consolidate it around one system of record, one single source of tools, which is Artifactory with all other 30 packages or to have a stand-alone model registry, which will break the system of record rule to keep your company safe, secure and efficient when you build software and release software. That we estimate — AI is a big, big world today. But we estimate that, that will not only contribute to the stickiness of the platform and the expansion of the platform with all the add- ons that we added on top of Artifactory, it will also position JFrog as a centerpiece of your software supply chain because there is no primary asset, no other primary asset, but models in the world of AI.

And it doesn’t matter if software is being created by human beings or by agents, it will still require a system of record. So to your question, we assume that the need for Artifactory and the fact that it’s playing a centerpiece will only grow.

William Miller Jump: Makes sense. I want to stay with AI. Last quarter, you talked about a key AI technology leader that you landed as a customer. I’m just curious if there’s any update on the work that you’re doing with them and then how that ramped versus your expectations in the quarter.

Shlomi Ben Haim: We are extremely, extremely excited about the partnership with them. It was not included in the call, but I can tell you that they upgraded their subscription and doubled their bet on the annual basis with JFrog in just 1 quarter. So we are not just operating in the world of AI, but also security and DevOps, but AI is growing fast.

Operator: Your next question comes from the line of Kingsley Crane with Canaccord.

William Kingsley Crane: Congrats on the quarter. First question, so with AI enabling smaller teams to ship code faster, do you see a world JFrog becomes even more critical to smaller orgs and teams? And are you already starting to see that with some new customer interest?

Shlomi Ben Haim: What a great question, Kingsley. And I think that what we see today is that something fundamental has been changed. First of all, if you were a developer yesterday, you had your IDE, you had your CI/CD source code and JFrog, fine. Now there is a new piece. It’s called code assistance. So it’s not only you. There is a code assistance next to you. And the second piece is the architecture that was changed as well with MCP. This is how you build platform today. In both cases, and with every environment that you will have, cloud, on-prem, this AI or another, this code assistance or another, you will still need a model registry, it’s fundamental. And you will still need to manage your security around one flow, one pipeline. Therefore, we see JFrog stepping in, in a very kind of strong infrastructure role — and we are betting on that and with the expertise that we built through our deals.

William Kingsley Crane: Great. That’s really encouraging to hear. And Ed, really impressive cash flow in the front half of the year. Is there any reason why this year would be more front-end loaded than last year?

Eduard Grabscheid: Yes. That’s a great question, Kingsley. As you remember, we have many multiyear deals that we’ve closed. It’s reflected in our RPO that happened in the second half of 2024, and that continued in the first half of 2025. And this is what’s really driving the free cash flow. In the second half of the year, as Shlomi had noted, we are derisking our largest deals. This is a big driver of our cash flow. Assuming that those deals come through, I don’t see a change in our free cash flow from what we would anticipate going forward, but it’s all contingent, of course, on the multiyear deals as well as these large deals. But we remain very focused on profitability. We remain very focused on our free cash flow, and we’ve delivered strong cash flow in the past, and we continue to focus on that going forward.

Operator: Your next question comes from the line of Mark Cash with Raymond James.

Mark Charles Cash: Shlomi, if I could start with you. I wanted to ask on the overconsumption happening in the cloud. I think last quarter, you talked about how you didn’t really see the budgets that may have been developers experimenting here and there. And you have another really strong performance this quarter and seeing success with converting to larger commits. So has there been a change in budgets? And are you seeing experimentation move to actual programs now?

Shlomi Ben Haim: Yes, Mark, so you remember very well. First of all, we see more usage, mainly around — when you use JFrog infrastructure for your models, so there will be more data consumption, there will be more storage consumption. Same thing for containers and everything that has to do with AI, if you refer to this specifically. You have to remember that our strategy is that every time that we see an over usage on top of the commitment of the customer, our team is being sent to offer a better deal for the customer and to get an annual commitment. This is how we guide you. This is how we preserve our conservatism and keep ourselves in line with the plans. But overall, we see a healthy consumption, not yet in the days of 2022, but we see a healthy growing consumption.

Mark Charles Cash: Okay. And Ed, if I could ask you one, just absolutely another massive RPO quarter that’s actually accelerating, going to be lapping 3 very large deals this quarter in 3Q. Is there anything we should be considering from an RPO or cRPO dynamic when looking at quarter-over-quarter or year-over-year compares to make sure we’re not getting too far ahead of ourselves in like a booking perspective for 3Q or the second half?

Eduard Grabscheid: Yes. Thank you. That’s a very smart question, Mark. And we don’t always see a correlation between our cRPO or RPO to revenue. So we think revenue is a good indicator and the guidance that I’ve given you in the revenue is what I would use to forecast going forward. But you have to remember, our RPO takes into consideration factors of multiyear, takes into consideration the timing of when those bookings happened. We had 3 of the largest deals during the second half of 2024. So RPO may be impacted if larger deals do not transpire, but by the way, derisked out of our guidance going forward. So RPO is a great indicator, but it’s not the indicator that we would lead you to, continue to look at the guidance that we provide on our revenues.

Operator: Your next question comes from the line of Shrenik Kothari with Baird.

Zachary I Schneider: This is Zach Schneider on for Shrenik. Congrats on the strong results. So following up on a previous question with cloud adoption continuing and DevSecOps needs shifting earlier in the life cycle, how are you leveraging your hyperscaler partnerships for co-sell marketplace attach? Maybe what percent of new security wins in the quarter were sourced via these marketplaces or just driven by this channel influence?

Shlomi Ben Haim: Yes, Shrenik (sic) [ Zach ], this is Shlomi. I’ll take the call and Ed, feel free to chime in. The collaboration with the cloud providers is very important because of 2 reasons: a, it helps us to accelerate deals, especially mega deals that are coming in, that mainly through the marketplace and with a lot of collaboration from AWS, GCP and Microsoft Azure. We have strong relationship with them. Some of the deals we are accelerating together. This is not just co-sell and partnership. This is also kind of co-services even when we are going with the customer, scaling with the customer. The second side of it is obviously optimizing the cost. As Ed mentioned on the call, we are optimizing the contracts with this hyperscaler. We are looking at the gross margin, being very responsible to how we grow in the cloud. So not just pushing the pedal all the way down, but also to do it in a responsible, smart way.

Zachary I Schneider: Great. Makes total sense. And then I guess switching gears a little. Obviously, it sounds like strong sequential growth in AI/ML package usage across the platform. Are there any new usage tiers, ingestion thresholds? Should we expect any pricing model changes in 2026 to really capitalize on this trend?

Shlomi Ben Haim: Yes. So what we saw actually in terms of the usage for AI packages, and I think you’re probably calling out the Hugging Face and PyPI that we called out in the first quarter, it was more of stabilization or sustained usage on a quarter-over-quarter basis. It’s still very early, and we’re evaluating the monetization of AI is still in the infancy stage. But once that starts to mature, we’ll certainly capture value.

Operator: Your next question comes from the line of Jason Ader with William Blair.

Jason Noah Ader: Yes. Can you hear me okay?

Shlomi Ben Haim: We hear you well, Jason.

Jason Noah Ader: Okay. Good to talk to you guys. Shlomi, I just want to take a step back. Can you talk about the impact of all the AI coding tools? I mean there’s just so much happening there. Every week, it seems like there’s a new announcement, and it’s pretty powerful stuff, obviously. What impact has that had on the DevOps tool chain in general and on your business in specific? And if it hasn’t had an impact yet, can you just talk about how you think it might play out over time?

Shlomi Ben Haim: Yes. As I mentioned before, Jason, there is a new creature in the tool stack of every developer now. It’s called code assistance. If you’re a junior developer or experienced developer, it doesn’t really matter, no matter what language you use and no matter what code you are writing. This is part of your tool chain. And this item in your tool chain is now helping you to build faster and create more. What you create more is more binaries. And therefore, we are happy about this change as long as these binaries are hosted in JFrog. So we are happy about that. It also means that there are all kind of new threats that are coming. We mentioned the MCP server. MCP is the #1 change in every company today. If you refresh your browser, you will see 5 more companies that added MCP to their tool stack.

The fact that it is being adopted so fast is also the biggest risk that come with it. The threat and the hackers are there. They know how fast this is happening. And every new company that adopt MCP architecture and the new code assistant tools, they are also subject to maybe a threat of a security solution. Therefore — a security threat, sorry. Therefore, we see how JFrog become more and more relevant, not only with the technology, but also with the holistic approach of building these layers of security and automation in — on top of Artifactory. Now remember, this is not just a one kind of partnership with one tool in the market. JFrog tools are agnostic to all integrations. So whether it’s Cursor or Windsurf or whether it’s MCP from this company or another company, JFrog is still the system of record for you.

Jason Noah Ader: Okay. Great. So I mean, just to round out the question, do you feel like it’s benefiting you guys yet, all of this kind of front-end AI coding or it’s still not moving the needle yet?

Shlomi Ben Haim: Well, for sure, there are new threats that are coming. And when you speak with the customer about security and what you need to protect, model security are coming on every discussion. So the answer is yes. It’s still very early in the process. People are still trying to understand how this new environment looks like, but all of them are aware of the threat and therefore, open to have discussion with modern solution and not yesterday solution. The second thing, as I mentioned before, if you have your Docker registry in Artifactory, your Python Registry in Artifactory, your Java repository in Artifactory, then why you would go with a model registry as a stand-alone. So my answer is yes. And still, I will stay humble and say it’s still too early to say it will completely change everything we guided for in the next years.

Jason Noah Ader: Okay. Great. And then just if I could sneak one in for Ed. Ed, you guys have talked about security being a material part of the business in 2025. Can you just update us on that? And is — will you be able at some point to give us some more granularity around the contribution of security to the JFrog business?

Eduard Grabscheid: Yes. What we’ve committed to you, Jason, and we did this at the end of 2024 was we gave the metrics around our attach rates with security, and we plan to do the same thing during 2025. We see nice momentum. We’re excited about what security can bring, but we’ll give you an update at the end of the year.

Operator: Your next question comes from the line of Jonathan Ruykhaver with Cantor.

Jonathan Blake Ruykhaver: Can you hear me?

Shlomi Ben Haim: We can hear you now, Jonathan.

Jonathan Blake Ruykhaver: Okay. Yes. So the MCP opportunity, I’d just like you to talk a little bit more about that. I think it was 2 weeks ago that GitHub announced a critical flaw in its MCP server. And I think some attackers were actually able to manipulate AI agents into leaking sensitive data. So how do you see that solution not only today, but when you look at securing AI agent behavior relative to repositories, what is that opportunity for you? And will you see additional capabilities? It seems like from what I understand, it’s a basic kind of entry-level offering, but there are a lot of other threats around protocols, around access for these MCP servers that still need to be addressed. So just talk about that position and what it looks like 12 months from now.

Shlomi Ben Haim: Yes, [ Jon ], MCP is the new way in the world of software products to interact with your product, to build the integration. JFrog philosophy from day 1 was the philosophy of too integrated to fail. Basically, there is no tool on the planet, on our planet, which is software supply chain that doesn’t integrate with JFrog. CI/CD, security, databases, storage, because we became the system of record for all binaries. So it was based on APIs, and it was based on rest technology. And now in the world of AI, when it’s not only a human being that need to integrate with your tool, but also agents and machines, MCP is the protocol that will allow them to come in and integrate with JFrog platform or with any other platform.

So therefore, MCP became a very, very important for every product provider. If you want the world of AI to interact with your tool or with your platform, you have to enable MCP at the front. In terms of the other note, was everybody is using MCP and everybody is installing MCP and everybody is having an MCP user — and that by itself is a threat that is addressed by hackers. So JFrog Research team also unveiled a threat and a vulnerability in the world of MCP, and we shared it obviously immediately with the public. That obviously will give us points when we come to AI security and trustable AI in your software supply chain.

Jonathan Blake Ruykhaver: Yes. And Shlomi, as a quick follow-on, where do you see this opportunity? Will it be aimed more at the foundational model providers like OpenAI and Anthropic or large enterprise or both?

Shlomi Ben Haim: No, it’s not at all one company or another. Every agent you can assume that in the future or not in the future, it’s already in the present, but it will exceed in the future. Not only developers will write code, but also agents. So if I want this new persona to see JFrog as a system of record, I have to open the door for it. So every type of Agentic AI that will interact with JFrog will come through an MCP integration.

Operator: Your next question comes from the line of Raimo Lenschow with Barclays.

Eamon Robert Coughlin: This is Eamon Coughlin on for Raimo, A great quarter. Can we dig a little deeper into linearity in the quarter? Should we view 2Q’s performance broadly as a continuation of the customer usage from Q1? And did you see a continuation of these trends in July?

Eduard Grabscheid: So first, let me just start by saying I will not comment on anything in the third quarter. I’ll go back to the second quarter and give you an update on what happened. There was 3 dynamics with our cloud. First was security wins. We’re starting to see customers uptake in their security and big security wins, those tend to land in the cloud. So that was dynamic number one. The second piece was the usage. We had customers that saw benefit of taking a larger agreement, annual agreement with JFrog. These were users that were using over minimum commitments, and we secured those. The confidence that gave me is reflected in my guidance that I gave to you in the 34% to 36% on the cloud. The third piece is the sustained usage. So for those customers that were using over minimum commitments, that has been sustained on a quarter-over-quarter basis.

Eamon Robert Coughlin: Got it. That’s super helpful. And then great to see continued cloud growth acceleration in the quarter. But can you help us understand the key drivers of your subscription self-managed portfolio?

Shlomi Ben Haim: Yes. Why don’t I answer here? Self-managed, we addressed that on the call as well. There is a new trend now that AI might need a hybrid solution. Now what can be better than an identical product, hybrid means that it’s identical in the cloud and on-prem. So that’s a new trend, mainly driven by the AI adoption and the seek for cost predictability and stability. The second thing that we see in the on-prem is just like what Ed mentioned in the cloud. Our on-prem customers are also looking for security. So the fact that we have our security available for you in the cloud, but also as a self-hosted or private cloud is also a benefit, and we see that this growth generated by these trends as well.

Operator: Your next question comes from the line of Koji Ikeda with Bank of America.

George McGreehan: This is George McGreehan on for Koji. I just wanted to ask with the strong momentum we’re seeing in security deals and how that’s contributing to forward-looking metrics like the acceleration in RPO. What would you say — is there any change in the competitive landscape for security? Any notable changes in win rates? And how really are the tone of conversations with customers now when you’re talking about security deals versus maybe in the past a year or 2 years ago?

Shlomi Ben Haim: Yes. Thank you, George, for this question. It comes in 2 different ways, as I mentioned, and as you know, on the JFrog go-to-market strategy with security. First of all, our customers, whether it’s the CISO or the CIO or both, they are asking to look for consolidation, and they will push very hard on it, not only because of the cost benefit from it, but also from the enormous number of scanners that they used to have just 2 years ago, 3 years ago. Every developer bought another tool, every compliance group brought another tool. It became a zoo of scanners, and they are looking for consolidation and obviously also benefiting from the efficiency and the cost perspective. This is more business side and management side.

What happened on the technology side is that there are a lot of new threats that cannot be identified by the previous software that covered software supply chain security. If you remember what we spoke about in the previous quarter, the fact that we scanned the entire Hugging Face 1.5 models and provided not only vulnerability findings, but also contextual analysis, telling you not only that we found this vulnerability that maybe every scanner can find, but also how exposed are you to this risk and if you should waste time on doing it. And the third thing is that modern security is a new thing. Nobody knows really how to cover it. And since models are hosted at JFrog and also the data, the metadata that you train models with, we have better access to this asset and better visibility to this asset.

And I would welcome you to swampUP when we will speak about it even more and even share some great innovations with you to address this pain. There is no CISO in today’s world that is not waking up at night several times because of model security. And I think that this is another driver that pushes JFrog to be a relevant player, not only in the world of DevSecOps, but in the world of MLSecOps as well.

Operator: Your next question comes from the line of William Mandl with KeyBanc Capital Markets.

William Mandl: This is Billy on for Jason Celino. Shlomi, it sounds like there’s strong demand for the security core, but curious what customer reception has been around runtime security, maybe how that is contributing to the strength you’re seeing in your security business?

Shlomi Ben Haim: Yes. Billy, I think that cyber is important. Run time is important. And DevSecOps and software supply chain is important. This is a complementary solution. We were all very excited to see the acquisition of Palo Alto, which emphasized their advantage in the world of cyber and run time. And if you look at the growing demand for software supply chain security, it’s coming from a different threat and a different need. And I think that they will coexist together.

Operator: Your final question comes from the line of Rob Owens with Piper Sandler.

Robbie David Owens: Thanks for squeezing me in. Obviously, very exciting about the security success that you guys are seeing here. Curious if you look at those deals, I know you’re going to give us more information around attach rates at year’s end, but any sense that you can give us in terms of what this is doing to pricing, especially as you’re seeing certain customers maybe take that end-to-end portfolio?

Shlomi Ben Haim: Rob, so yes, as you’ve mentioned, we will provide more details at the end of the year as we did in 2024. Pricing and subscription model is something that we are looking at, especially now when there are some innovations and new offerings that we will announce at swampUP. There might be new packages for security and new packages for advanced adopters of our security solution. And we also have to think about the fact that JFrog started to bring the software supply chain security not too long ago to the market. So we have to be focused on the adoption. We have to be focused on growing within our portfolio with a number of logos. So the entry point is also important. But stay tuned. There are some announcement that will change some of the subscription package on the security layer as well.

Operator: There are no further questions at this time. I will now turn the call back to Shlomi for closing remarks.

Shlomi Ben Haim: Thank you, everyone, for joining the call. We are very, very excited about the momentum. We also appreciate all of your questions and may the frog be with you.

Operator: This concludes today’s call. Thank you for attending. You may now disconnect.