JFrog (FROG) Q4 2025 Earnings Call Transcript

Image source: The Motley Fool.

DATE

Thursday, Feb. 12, 2026 at 5:00 p.m. ET

CALL PARTICIPANTS

• Chief Executive Officer — Shlomi Ben Haim
• Chief Financial Officer — Eduard Grabscheid

Need a quote from a Motley Fool analyst? Email pr@fool.com

TAKEAWAYS

• Total Revenue -- $531.8 million, increasing 24% year over year.
• Cloud Revenue -- $243.3 million, growing 45% year over year and accounting for 46% of total revenue, up from 39% in the prior year.
• Q4 Cloud Revenue -- $70.2 million, up 42% year over year and representing 48% of total Q4 revenue, compared to 43% the previous year.
• On-Premises Revenue -- $288.5 million for the year, up 11% year over year.
• Enterprise+ Subscriptions -- 57% of Q4 total revenue, up from 54% prior year; delivered Q4 year-over-year revenue growth of 33% and full-year growth of 36%.
• Large Customer Count -- 74 customers with annual spend greater than $1 million, versus 52 last year, for 42% growth; 1,168 customers spending over $100,000 annually, up 50% year over year from 1,018.
• Security Core Contribution -- Security core represented over 10% of total ARR at year end; contributed 7% of total revenue for the year and comprised 16% of year-end RPO compared to 12% prior year.
• Net Dollar Retention -- 119% for the trailing four quarters, up one percentage point sequentially.
• Gross Retention -- 97% at year end.
• Remaining Performance Obligation (RPO) -- $566 million, a 40% increase year over year.
• Gross Margin -- Q4 gross profit of $121.6 million, gross margin of 83.7% versus 83.2% prior year; 2026 annual gross margin expected to be 82%-83%.
• Operating Margin -- Q4 operating margin of 17.7% with $25.7 million in operating profit, versus 18% margin and $20.9 million prior year.
• Non-GAAP Earnings Per Share -- $0.82 for the year, a 26% increase, on roughly 122 million diluted shares (versus $0.65 and 115 million prior year).
• Free Cash Flow -- $142.2 million for the year at a 27% margin; Q4 free cash flow of $49.9 million (34% margin) versus $48.4 million and 42% margin prior year.
• Cash and Investments -- $704 million at year end, versus $522 million previous year end.
• Customer Count Adjustment -- Reported total customer count for 2025 was ~6,600, after consolidating around 300 lower-ASP subsidiaries into parent entities and churning regulated geographies.
• 2026 Revenue Outlook -- Revenue guidance of $623 million to $628 million (17.5% growth at midpoint); non-GAAP operating income $106-$108 million; non-GAAP diluted EPS $0.88-$0.92 on 128 million shares.
• Q1 2026 Guidance -- Anticipated revenue of $146-$148 million, non-GAAP operating profit of $25-$26 million, and non-GAAP EPS of $0.20-$0.22 based on 127 million shares.
• 2026 Cloud Baseline Growth Expectation -- Estimated at 30%-32% for the year.
• Net Dollar Retention 2026 Guidance -- Projected at 117% for the full year.
• Security Product Adoption -- JFrog Advanced Security and JFrog Curation comprised over 10% of total ARR and were bundled as add-ons with enterprise subscriptions, driving ASP and multi-year commitments.
• MLOps and AI Partnerships -- JFrog ML released during the year; partnerships established with NVIDIA Enterprise AI Factory and Hugging Face to serve as secure model and artifact registries.
• Product Usage Trends -- MCP server and JFrog Fly integrations support a shift toward business-to-agent market workflows, enabling code agents to interact directly with the platform.

SUMMARY

Management reported a 24% increase in total annual revenue, underscored by a 45% expansion in cloud revenue and 50% growth in large enterprise customers. The security core, led by JFrog Advanced Security and Curation, contributed over 10% to ARR and secured 16% of year-end RPO, reflecting heightened demand amid rising software supply chain threats. Product innovation centered on AI workflows and model governance, with new partnerships deepening JFrog (NASDAQ:FROG)'s strategic role in AI infrastructure. The company guided to 17.5% revenue growth in 2026, sustained by baseline cloud growth expectations of 30%-32% and continued adoption of bundled security solutions.

• Management emphasized that Cloud gross margin and overall financial discipline will support 2026 annual gross margins in the 82%-83% range.
• "we anticipate CIOs will increase investments in cloud infrastructures." as AI adoption matures and regulatory clarity improves.
• The CFO stated, "our security core products now comprising more than 10% of our ending total ARR," reinforcing multi-year commitment momentum.
• "Hugging Face can be a top of funnel for JFrog because it is the open-source hub," supporting pipeline expansion and enterprise adoption, per the CEO.
• Guidance continues to be based on contracted annual commitments rather than volatile short-term usage spikes, particularly for AI-driven and cloud workloads.
• The CEO highlighted that customer consolidation and refocusing on higher-ASP enterprise clients is intentional and aligned with strategic goals, affecting reported customer counts but increasing spend per customer.

INDUSTRY GLOSSARY

• ARR: Annual Recurring Revenue; a key metric reflecting predictable yearly revenue from subscriptions or contracts.
• RPO: Remaining Performance Obligation; the total contracted revenue expected to be recognized in the future as of the reporting date.
• MLOps: Practices and toolchains supporting machine learning model development, deployment, and lifecycle management, analogous to DevOps for AI workflows.
• ASP: Average Selling Price; average revenue per customer or deal, often highlighted during customer count changes.
• Artifactory: JFrog's core product, a repository for storing, managing, and distributing software binaries.
• JFrog Xray: Security solution for scanning software binaries in Artifactory for vulnerabilities or compliance issues.
• JFrog Curation: Firewall and governance tool protecting software supply chains by filtering vulnerabilities in open-source packages before adoption.
• Enterprise+: JFrog's advanced subscription tier offering bundled platform capabilities and enhanced security tools.
• MCP server: JFrog platform integration layer enabling secure agent and large language model interactions with company services.

Full Conference Call Transcript

Shlomi Ben Haim, and Eduard Grabscheid, JFrog Ltd.'s CFO. During this call, we may make statements related to our business that are forward-looking under federal securities laws and are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements related to our future financial performance and including our outlook for the first quarter and full year of 2026. The words anticipate, believe, continue, estimate, expect, intend, will, and similar expressions are intended to identify forward-looking statements or similar indications of future expectations. You are cautioned not to place undue reliance on these forward-looking statements. They reflect our views only as of today and not as of any subsequent date.

Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainty that could cause actual results to differ materially from expectations. For discussion of material risks and other important factors that could affect our actual results, please refer to our Form 10-Q for the quarter ended 09/30/2025 which is available on the Investor Relations section of our website, and the earnings press release issued earlier today.

Additional information will be made available in our Form 10-K for the year ended 12/31/2025 to be filed with the SEC on 02/13/2026 and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as a measure of JFrog Ltd.'s performance, should be considered in addition to, not as a substitute for, or in isolation from GAAP measures. Please refer to the table in our earnings release for a reconciliation of those measures to the most directly comparable GAAP financial measures. A replay of this call will be available on the JFrog Ltd.

Investor Relations website for a limited time. I will now turn the call over to JFrog Ltd. CEO, Shlomi Ben Haim. Shlomi?

Shlomi Ben Haim: Thank you, Jeff. Good afternoon, and thank you for joining our call. 2025 was a remarkable year for the frogs. We did not just fire on all cylinders, we set the pace. JFrog Ltd. paved the way for securing and managing the software supply chain in the era of AI, expanded our product portfolio, innovated at a faster pace than ever before, and built deep partnerships with the world's leading companies to strengthen our value to enterprise customers. We delivered quarter after quarter, exceeding our commitments and pairing solid growth and expansion with strong business and operational efficiency. This is what strategy, focused execution, and shared belief look like, and it is what makes this journey special for us.

On today's call, Ed and I will walk through our fiscal year 2025 results in more detail, share our fourth quarter performance, and discuss our outlook and guidance for 2026. In fiscal year 2025, JFrog Ltd.'s total revenue was $531,800,000, up 24% year over year. Cloud revenue for 2025 was $243,300,000, representing 45% year over year growth. In Q4, greater than $1,000,000 customers grew to 74 compared to 52 in the year-ago period, equaling 42% year over year growth. Customers spending more than $100,000 annually grew to 1,168 compared to 1,018 in the year-ago period, equaling 50% year over year growth.

These strong, consistent results reflect our alignment with modern enterprise market needs as software continues to transform how the world operates. JFrog Ltd.'s 2025 performance highlights a clear trend: as human developers and AI agents generate software at a massive scale, the resulting surge in binaries demands a trusted platform to manage, secure, and govern them end to end. This reinforces JFrog Ltd.'s leadership as the foundational infrastructure for software delivery in an agent-driven world. Now, I will discuss our success in Q4 in security, cloud, and AI. Security first. In 2023, we set out to support our customers by giving them a complete chain of cyber trust from code creation to production.

When we launched JFrog Advanced Security and JFrog Curation, we evolved rapidly from securing artifacts within JFrog Artifactory with JFrog Xray to offering end-to-end trust and governance. JFrog Ltd. has now established itself as a complete system of record for software supply chain security that protects companies' binaries, software packages, and AI models even before software enters the organization. We strategically challenged the security point solution market by unifying security and DevOps on a single platform built on one source of truth. We believe that is the only scalable way to protect our customers' software supply chain. The pain was real, the threat was growing, and our results in 2025 reaffirm that this approach was the right one.

In today's AI-driven software environment, that source of truth becomes mission critical. Organizations need a secure center of gravity and a foundational platform that stores, manages, and governs all artifacts, whether created by humans or machines. Against this backdrop, we will continue to build JFrog Ltd. as the system of record, single source of truth all developers and code agents rely on to securely manage and govern every binary and AI artifact in the software supply chain. Just as we reported strong early results for JFrog Ltd. security in 2024, our 2025 annual reporting reflects another year of significant momentum and success of our security solutions.

In 2025, JFrog Ltd. security core products, excluding contributions from JFrog Xray, became an even more meaningful growth engine for the company. As of 12/31/2025, JFrog Advanced Security and JFrog Curation comprised over 10% of our total ARR. This past year, we built on strong RPO growth momentum driven by increased cloud usage, DevOps adoption, and our security core products. We are pleased to report that in 2025, security core comprised 16% of our ending RPO compared to 12% in the prior year, and nearly doubled long-term revenue commitments.

This growth highlights not only the rapid adoption of JFrog Advanced Security, JFrog Curation, or both by hundreds of our customers, but also the broad opportunity ahead to provide value to the thousands of existing enterprise customers over time. JFrog Ltd. security solutions, tightly coupled with JFrog Artifactory, enable end-to-end software supply chain protection and are now offered as a bundled add-on with our enterprise subscriptions, increasing ASP, expansion in cloud usage, and triggering multiyear commitments. This approach resulted in tangible growth for JFrog Ltd. Cohort data indicates that customers adding JFrog Ltd. security drove strong account expansion with growth extending beyond security and into broad product portfolio usage.

We are pleased with our financial performance and the execution of our enterprise go-to-market teams. Our security RPO and pipeline numbers show strong momentum carrying into 2026. Our success in security also reflects the deep alignment with the evolving threat landscape. Attackers are increasingly targeting the software supply chain through software packages. Our customers and community described the recent npm Shaykhulud incident as a mega attack on the software supply chain, exposing millions of JavaScript developers, echoing the impact of Log4j, PyPI, and other recent security events. JFrog Ltd. customers using JFrog Curation as their firewall remained protected.

From the world's leading enterprises with tens of thousands of developers to a small development shop, JFrog Curation enforced policies, secured the software supply chain, and prevented business impact. Expanding our security offerings in 2025, we also announced the availability of AI Catalog and agentic remediation capabilities to address emerging challenges created by the introduction of AI models and agent-generated code into the software supply chain. JFrog Ltd. is the mission critical infrastructure of a company's primary software assets, their binaries. As more code is generated by human developers and AI coding agents, a tsunami of binaries is being created.

More binaries, artifacts, and models lead to a greater need for trusted infrastructure that manages, secures, and governs the software supply chain at scale. We anticipate these growing needs will drive sustained customer adoption of our holistic security solutions through 2026. Second, cloud. As we noted earlier on the call, 2025 was a year of high-quality, sustained growth in our cloud business. We delivered 45% year over year growth while remaining highly disciplined in usage management and continuing to migrate customers toward annual commitments. In addition, we drove a higher volume of security deals in the cloud, strong new logo wins, and deeper marketplace partnerships.

During the year, we strengthened our partnerships with all major cloud providers, improved our commercial terms, and established a stronger long-term gross margin strategy. Our cloud momentum was also supported by focused investments in service performance and availability, the continued build-out of our global SRE organization, enhanced sales incentives, and the consumption-based pricing model aligned with the market standards. Customer purchasing decisions changed in 2025, as CIOs were less focused on mega cloud migration initiatives and instead increasingly emphasized building fit-to-purpose hybrid and multi-cloud architectures as they adopted new AI solutions. Looking ahead, we see trends that we believe will continue to mature. First, clarity.

While cloud remains the preferred deployment environment, CIOs are seeking greater clarity, cost predictability, and ROI as they assess the full impact of AI adoption at scale, along with the evolving security and regulatory requirements that come with it. As AI adoption matures and clarity improves, we anticipate CIOs will increase investments in cloud infrastructures. Second, AI-driven software package ecosystems such as PyPI, Hugging Face, npm, Conda, or Docker are driving consumption spikes from both developers and AI agents, in some cases going beyond customers' commitments. This has the potential to be a tailwind for JFrog Ltd., and we expect customers to align commitments once usage patterns stabilize.

We will continue to provide guidance based on customers' annual commitment and proactively de-risk exposures to volatile user-driven and sizable deals. Our go-to-market strategy will remain focused on converting usage overages into annual commitments. Looking ahead, we believe that in 2026, we will continue to deliver durable growth in the cloud. Finally, I will address AI and MLOps. In 2025, we strategically built the foundation of JFrog ML as part of our platform to deliver the capabilities enterprises will increasingly require to automate speed, trust, and control across the model life cycle. At the same time, we introduced advanced functionality and integrations that extend beyond traditional B2B workflows into the emerging business-to-agent market.

We released JFrog's MCP server as a core integration layer, enabling AI agents and LLMs to securely interact with the JFrog Ltd. platform. We introduced the JFrog AI Catalog for model discovery and governance, extending the platform to manage AI and ML models like other software packages. We also announced agent-based security and remediation, leveraging agentic capabilities to drive detection and automated recovery. To strengthen our position as a system of record for all AI artifacts, we partnered with NVIDIA Enterprise AI Factory to serve as its secure model and artifact registry, while also partnering with Hugging Face to secure the world's leading open-source hub for models, supporting trusted enterprise consumption of AI.

Looking into 2026, our roadmap includes capabilities designed to expand our growth and to support JFrog Ltd. users' needs, whether human, machines, or hybrid engineering teams of developers and AI agents. This expanding use case represents a significant opportunity for JFrog Ltd. The market is experiencing a tsunami of binaries accelerated by AI. JFrog Ltd. was built from day one to handle exactly this asset at this scale, and we are fully committed to providing the infrastructure modern software organizations need to confidently embrace the AI-driven revolution.

I will now turn the call over to our CFO, Eduard Grabscheid, for an in-depth recap of Q4 and fiscal year 2025 financial results, as well as our updated outlook for Q1 and the fiscal year of 2026. Ed, thank you. Shlomi, and good afternoon, everyone. We are very pleased by the results of the fourth quarter, exceeding the high end of the range

Eduard Grabscheid: on every metric we guided for the quarter. It was a strong finish to an outstanding year, highlighting our consistent execution, operational discipline, and durable business model. During 2025, total revenues equaled $145,300,000, up 25% year over year. For fiscal year 2025, total revenues were $531,800,000, up 24% year over year. Fourth quarter cloud revenues grew to $70,200,000, up 42% year over year, and represented 48% of total revenues versus 43% in the prior year. Our growth in the cloud was driven by customers expanding annual commitments and increasing demand for JFrog Ltd. security core as ongoing npm incidents during the quarter accelerated customer adoption. For the full year 2025, cloud revenues equaled $243,300,000, up 45% year over year.

Full year cloud revenues equaled 46% of total revenues, versus 39% in the prior year. During the fourth quarter, our self-managed, or on-prem, revenues were $75,100,000, with full year 2025 equaling $288,500,000, up 11% year over year. Aligned with our strategy, we continue to proactively engage our on-prem customers to migrate DevSecOps workloads to our cloud or explore solutions better aligned with their specific use cases, including hybrid and fit-for-purpose deployments. We experienced another year of strong customer adoption of the complete JFrog Ltd. platform, driven by customers looking to consolidate their technology stack and secure their software supply chain.

In Q4, 57% of total revenues came from Enterprise+ subscriptions, up from 54% in the prior year, while delivering year-over-year revenue growth of 33%. Driven by the ongoing execution of our enterprise go-to-market strategy and broader customer adoption of the JFrog Ltd. platform, revenue contributions from Enterprise+ subscriptions grew 36% year over year in 2025. Our security core products, which exclude any benefit from JFrog Xray, continue to gain momentum as customers actively consolidate point solutions. For the full year of 2025, security core revenue was 7% of total revenues, with our security core products now comprising more than 10% of our ending total ARR.

Driven by an increasing number of large, multiyear commitments to JFrog Ltd., our security core represented 16% of remaining performance obligation, or RPO, as of 12/31/2025, compared to 12% in the prior year. Net dollar retention for the four trailing quarters was 119%, an increase of one percentage point from the prior quarter, highlighting the continued adoption of our security core products and increased cloud data consumption resulting in higher customer commitments. We continue to demonstrate that our customers view JFrog Ltd. solutions as mission critical to their software supply chain, with gross retention that equaled 97% as of 2025. Our customer count in fiscal year 2025 equaled approximately 6,600.

During the year, we continue to execute on our strategy focusing on our go-to-market initiatives around the enterprise. We further matured our approach by refining our customer logo methodology to eliminate friction for our customers and sales teams. This resulted in the consolidation of approximately 300 lower ASP subsidiaries into their parent entity. Our team also prioritized new customer acquisition, specifically targeting opportunities that land with higher value and greater expansion durability. Now I will review the income statement in more detail. Gross profit in the quarter was $121,600,000, representing a gross margin of 83.7%, versus 83.2% in the year-ago period.

We remain focused on cloud hosting cost optimization as we anticipate a larger share of our revenues being generated from the cloud. Given our expected increase in cloud revenue contribution to total, we estimate annual gross margins to be in the range of 82% to 83% in 2026. Operating expenses in the fourth quarter were $95,800,000, equaling 66% of revenues. This compares to $75,600,000, or 65% of revenues, in the year-ago period. We remain focused on expense discipline while we continue to invest in strategic initiatives. Our operating profit in Q4 was $25,700,000, or an operating margin of 17.7%, compared to $20,900,000 and an 18% operating margin in 2024.

For the full year 2025, we delivered non-GAAP earnings per share of $0.82, a 26% increase year over year, assuming approximately 122,000,000 weighted average diluted shares. This compares to $0.65 in the prior year and 115,000,000 weighted average diluted shares. Cash flow from operations equaled $50,700,000 in the fourth quarter. After taking into consideration CapEx requirements, our free cash flow reached $49,900,000, or a 34% margin, compared to $48,400,000 and a 42% margin in the year-ago period. For the full year 2025, we generated $145,700,000 in operating cash flow and $142,200,000 in free cash flow, a 27% margin.

Now turning to the balance sheet, we ended 2025 with $704,000,000 in cash and short-term investments compared to $522,000,000 at the end of 2024. As of 12/31/2025, our RPO totaled $566,000,000, a 40% increase year over year. This performance highlights the successful execution of our go-to-market strategy as customers continue to make larger multiyear commitments to our DevSecOps offering. And now let's turn to our outlook and guidance for the first quarter and full year of 2026. As we enter 2026, we are encouraged by the strength in our pipeline and a stabilized purchasing environment.

While we are monitoring the increased cloud usage and early AI workload trends that could result in a tailwind for JFrog Ltd., our guidance philosophy will remain unchanged as we continue to de-risk our largest deals due to timing uncertainties and any benefit from cloud usage above contractual commitments. Our outlook reflects growing contributions from our JFrog Ltd. security core products, ongoing adoption of our full platform, and cloud growth driven from higher annual customer commitments. We estimate full year 2026 baseline cloud growth to be in the range of 30% to 32%. Given the anticipated contribution from our security core and baseline cloud growth assumptions, we expect our net dollar retention rate to be 117% for 2026.

Turning to operating expenses, we will remain focused on investing in innovation across our platform, reinforcing JFrog Ltd.'s role as a system of record for all binaries and AI models. The weakening U.S. dollar against global currencies has created a year-over-year headwind for our operating expenses and is reflected in our operating profit guidance. We remain committed to a disciplined spending philosophy and are confident in our ability to manage expenses in line with prior execution. For Q1, we anticipate revenues to be in the range of $146,000,000 and $148,000,000, with non-GAAP operating profit anticipated to be between $25,000,000 and $26,000,000 and non-GAAP earnings per diluted share of $0.20 to $0.22, assuming a share count of approximately 127,000,000 shares.

For the full year of 2026, we anticipate a revenue range of $623,000,000 to $628,000,000, representing 17.5% year over year growth at the midpoint. Non-GAAP operating income is expected to be between $106,000,000 and $108,000,000, and non-GAAP diluted earnings per share of $0.88 to $0.92, assuming a share count of approximately 128,000,000 shares. I will now turn the call back to Shlomi for some closing remarks before we take your questions.

Shlomi Ben Haim: Thank you, Ed. In today's market, nearly every company is looking to capitalize on AI. But in 2025, when the world's leading AI-native companies select JFrog Ltd. as the core infrastructure for the software supply chain, it was clear validation of our strategy. They became JFrog Ltd. customers not only for our industry-leading platform, but because we have become the trusted system of record for binaries, the foundational asset powering modern software delivery. The adoption of our platform indicates that our roadmap is strongly aligned with where the industry is headed.

As VIBE engineering and coding agents accelerate software creation, enterprises are facing a massive surge of binaries that must be managed, automated, secured, and governed across the software supply chain. This dynamic clearly differentiates JFrog Ltd. as the trusted enterprise platform in the age of AI. 2025 is now in the rearview, and I am proud to say what we committed to our partners, customers, and shareholders was consistently delivered. Despite significant macroeconomic and geopolitical challenges, the JFrog Ltd. team rose to new heights. This period has also carried personal weight for many in our Israeli team. After years of pain, finally, all hostages are back at home.

We move forward with renewed hope for peace, stability, and a better future for the region, and the world. To my frogs, thank you. 2025 was a challenging year of uncertainty, yet a remarkable one for us. You did not just live through it, you won it, and for that, I am proud and grateful. As we step into 2026, we remain committed to quality growth, responsible investments, expanding our solutions to meet emerging needs, and bringing us all one leap closer to realizing our liquid software vision: a world where every software flow is effortless. And with that, thank you for joining our call, and may the frog be with you. Operator, we will now open for questions.

Operator: We will now begin the question and answer session. Please limit yourself to one question. If you would like to ask a question, please raise your hand now. If you have dialed into today's call, please press 9 to raise your hand and 6 to unmute. Your first question comes from Sanjit Kumar Singh with Morgan Stanley. Your line is open. Please go ahead. Sanjit, a reminder to please unmute yourself by pressing 6.

Sanjit Kumar Singh: Hi. Can you hear me now? Yes. We can, Sanjit. Sorry about that. This is Oscar Savedra on for Sanjit. Thank you for taking my question, and congrats on the great results. Really nice to see the continued growth on the cloud. I wanted to touch maybe on the, you know, the customer count. I understand the intentionality of, you know, you are focusing more on the higher propensity to spend, larger customers, and, you know, we see that on the $100,000 customer adds. But, you know, how should we think about that going forward? And how far along we are in that transition? So should we continue to expect that count to come down while larger customers go up?

Any additional color there would be helpful. Thank you.

Shlomi Ben Haim: Yes, thank you. This is Rami. I will take this first question. So we are focused on our strategy, building for the enterprise as we said three years ago, and you can see the results on the over $1,000,000, the significant growth there. You can see the results on the customers that are spending over $100,000 and the increasing spending over there. This is our strategy. This is where our go-to-market is focused, and sometimes it means that we will have to let go of low ASP customers and be focused on our enterprise.

We also noted that we have made our internal consolidation to avoid friction in our go-to-market team and to focus our team on the big enterprise opportunities. And that, by itself, was approximately 300 logos. And also, I should note that this includes the geographies regulation like churning China, Russia, and other regulatory decisions. So we are very pleased with the stability and the growth. More important than that, the fact that the customers that we brought in, hundreds of new customers that we brought into our portfolio, are spending much more on ASP, growing faster, and adopting not just DevOps, but also DevSecOps and other services in the cloud.

So, in the bottom line, it is very much aligned with our strategy and reflects our commitment as we enter 2026.

Operator: Your next question comes from the line of Ravi Shankar with UBS. Your line is open. Please go ahead.

Eduard Grabscheid: Awesome. Thanks for taking my questions.

Ravi Shankar: My question is for Shlomi. It seems like every quarter we are seeing another security incident. You had the npm attacks in Q3 and Q4. You mentioned another one. Are these becoming less like one-time events and more just structural growth drivers? Are we just permanently in a higher threat environment and maybe we should be penciling in a more consistent contribution from these types of incidents going forward? Or how should we think about the long-term contribution from the higher threat environment we are in today?

Shlomi Ben Haim: Ravi, this is a great call out of what is happening today. There are more and more attacks over the software supply chain. Attacking the software supply chain by hackers means that they are going after the software packages, the binaries. It started three years ago, this trend, with Log4j, then Python, then MCP, and now npm and Chai Hulud in three different incidents. Every customer, every enterprise, every software organization understands now that the software supply chain is not protected if the software packages, if the binaries, are not protected.

Putting aside this threat that is kind of floating over every company now, code agents become far faster in how they create code and therefore create more binaries using more open-source packages. So this threat and this trend is something that we anticipate will only grow, and therefore, we built our JFrog Ltd. security suite to tackle this threat.

Operator: Your next question comes from the line of Michael Cikos with Needham. Your line is open. Please go ahead.

Jeffrey Schreiner: Hey, team. Thank you for taking the questions here.

Michael Cikos: Some very encouraging data points, and I appreciate especially the RPO growth and ARR contribution when thinking about security as far as demonstrating that this truly is a platform and the attach you are seeing. One of the things I wanted to come back to and we have been fielding on our side: with the heightened threat environment and some of these hacks, which unfortunately feel a little bit more commonplace now, is there a general rule of thumb where we would be able to draw parallels between a hack of the npm size and what that would equate to in revenue?

Is there any broad parallels we could draw from, or is it really just happenstance depending on what part of the ecosystem is being hacked? Anything there would be beneficial. And thank you so much.

Shlomi Ben Haim: Thank you, Michael. I will take this one. The only responsible way to look at the potential revenue growth is to look at the amount of enterprise customers in our portfolio that still did not adopt JFrog Ltd. security. And while we are growing by hundreds every year, and the ASP is growing significantly, there is still a lot of room to grow within our portfolio. JFrog Curation in the last two quarters is exploding, mainly due to the fact that the threat is real, the scale is required, and you have to move fast. Big companies are not taking any risks, especially in today's changing environment.

Second thing that I should note, Michael, is that most of our new enterprise landers—what I referred to before when we spoke about new logos—are already adopting the JFrog Ltd. platform with security. So there are three avenues of growth. Number one, customers that are still not using security and will hopefully adopt. Number two is with new logos that are joined enterprise logos. Again, we are not buying logos; we are going after the enterprise logos that are subscribing from the get-go with security. And number three is the number of projects within the companies that already adopted JFrog Ltd. security, and we still have room to grow there.

Operator: Your next question comes from the line of William Miller Jump with Truist. Your line is open. Please go ahead.

Michael Cikos: Awesome. Alright. Thank you for taking the question, and I will echo my congrats for the acceleration this year.

William Miller Jump: So, Shlomi, I wanted to come back to your comment about the tsunami of binaries, accelerated by AI. For the customers that have increased their commitments, are you still seeing them grow and consume beyond these re-up commitment levels? And can you give any more color around the consumption change for customers that have leaned into coding agent deployments versus the broader customer base? Thanks.

Shlomi Ben Haim: Great question, Miller. This is going to grow, and we call it a tsunami because this is what we see. When we are reviewing the data on a weekly basis, we see how many more software artifacts are being created, how many binaries are being compiled, and that is mainly because of the fact every developer now became a super developer, and we hear how well the code agents are doing: Anthropic, OpenAI, Gemini. These agents are faster than developers. They are powering developers, and therefore, creating more binaries.

You create more binaries, you need a single source of truth to go to, whether you are an agent or developer, and this is where JFrog Ltd. comes into the picture: to secure, to govern, to build a trusted software supply chain for you and for your agents. So think about the number of developers—call it millions of developers in the world today—powered by millions of agents, and therefore, the result would be many more binaries, and then, hopefully, we would see it also in the scale of JFrog Ltd.

Operator: Your next question comes from the line of Mark Charles Cash with Raymond James. Your line is open. Please go ahead.

Sanjit Kumar Singh: Yes. Thank you. I think, Shlomi, if I could ask, with all the co-gen tools we were just talking about there creating more software and you have new bottlenecks emerging in the software pipeline, I am just curious if you are thinking about AppTrust in 2026 being maybe the next catalyst to alleviate governance and regulatory pressure in adopting AI and specific tools in that organization they are going through right now. Thank you.

Shlomi Ben Haim: Most of the very important highlights in our roadmap throughout the years since we established JFrog Ltd. came from a real enterprise need. Our customers told us last year, listen, we are faster now with DevOps and we are more secured with DevSecOps, but there is a new bottleneck, which is governance, and this is going to be even more painful when it is not only humans that are building code and compiling it to binaries, but also agents. So AppTrust is tackling that exactly. We are addressing this pain of automated governance with all the evidence again stored in JFrog Artifactory as a system of record.

Whether this code was generated by a developer or by a code agent, the governance and the regulation before the binary goes to production will come out from a single source of truth, and this is what AppTrust is addressing to solve.

Operator: Your next question comes from the line of Zachary I Schneider with KeyBanc Capital Markets. Your line is open. Please go ahead.

Ravi Shankar: Great. Thanks for taking my question, guys. I am on for Jason Celino today. I wanted to ask about your AI-native customers. In the past, you have talked about having three of the top five AI natives, which is obviously great. But for the other two, or maybe any of the adjacent players that are not using JFrog Ltd., what would they be using? And how confident are you that you can eventually win them as well? Thanks.

Eduard Grabscheid: This is—

Shlomi Ben Haim: Every company now wants to call itself a native AI company. When I am speaking about the big players, I am speaking about those that are moving the market and calling the trend and setting the standard. And they chose JFrog Ltd. to be their power grid, to be the solution that will run their software supply chain. They build around Artifactory as the system of record, and they are using JFrog Xray to scan that and to collaborate and integrate with the ecosystem. The other two, I do not know if it is two or more, I do not know what they are using.

But from what we hear, some of them are evaluating tools, and some of them are building their own tools. Slowly, as we are going over a list that our go-to-market team built together throughout the year, we are bringing them one by one by one. So I hope that every quarter I will report another one that chose JFrog Ltd. not only as a partner or an ecosystem player, also as a customer.

Operator: Your next question comes from the line of Kingsley Crane with Canaccord. Your line is open. Please go ahead.

Michael Cikos: Hey. Thanks for taking my question. Shlomi, you have had JFrog Fly in beta a bit now, and you have had MCP server integrations out for a bit now. I am just curious what kinds of usage trends you are seeing with either Fly or the MCP server, and just what that tells you about how customers' workflows are changing, and then how you are positioning around that. Thank you.

Shlomi Ben Haim: This is, Kingsley, a very important move that we have done during the year. We understand—and I called it out on the script—we understand that the business-to-business is how we built JFrog Ltd. so far. In the future, it would be a business-to-agent market. And if I want agents to become my persona, my customers, then I need to give them access to interact with my platform. This is where the MCP server comes in. But it is even greater than that. MCP itself is also a binary. So we start to see more and more of our customers using JFrog Artifactory as the single source of tools for all MCPs in the market.

So it is not only that agents will use JFrog Ltd. as the blessed area to pick up binaries from, but also other players will use JFrog Artifactory to place their MCP servers in. Now, if you do that, if people work with one system of record, then consistency happens, a secured solution, a governed software supply chain before the release to production is important. And with the MCP server, agents can now interact with the JFrog Ltd. platform as well.

Operator: Your next question comes from the line of Brian Essex with JPMorgan. Your line is open. Please go ahead.

Ravi Shankar: Hi. Good afternoon, and thank you for taking the question. Maybe one for Ed. Bit of an acceleration in both sales and marketing and R&D in the quarter. I would love to get a framework of how you are thinking about investment on both sides of those and how you expect that to materialize through fiscal 2026. And maybe as part of that, if we can get the FX impact both for the quarter as well as what you are thinking about contemplating in your guide. Thank you.

Eduard Grabscheid: Sure. Let me first start with Q4 and the sales and marketing. What you are seeing is end-of-the-year bonuses that flow through in our expenses, and that is what is actually happening there in Q4. But as we step forward into 2026, the reason we called out the weakening U.S. dollar is, as you know, more than 50% of our headcount is distributed globally, so we wanted to call that out. We have a very strong hedging program, so most of that risk is already covered, and it is captured in our operating margin guide already. We also have very disciplined operational execution in terms of maintaining expenses.

So we continue to invest, but we continue to make sure we are doing it smart. Anything that we see in terms of the potential outperformance on the top line, we would still consider a meaningful portion of that to flow into operating margins.

Operator: Your next question comes from the line of Shrenik Kothari with Baird. Your line is open. Please go ahead.

Sanjit Kumar Singh: Great. Thanks a lot for taking my question.

Shrenik Kothari: Apologies for my bad voice. But just beyond the foundational models that you touched upon, you are now a secure model registry for NVIDIA AI Factory and for Hugging Face, arguably two of the most strategic on-ramps to model consumption. Just curious, Shlomi, how are these top-down partnerships driving new logos for you? Number one. And two, when it comes to monetizing this unique position, where are they on the adoption curve for the additive logos that you have described in terms of AI Catalog adoption and AppTrust and agentic remediation? Thanks a lot.

Shlomi Ben Haim: Yes, Shrenik. We managed to expand our platform so successfully with security and with MLOps and with DevOps and distribution that every time that we have another partnership powering the community, it spreads across all of these elements of the platform. Specifically with NVIDIA, beyond the fact that it validates JFrog Ltd. as the single source of truth for all AI tools and for models, it is also aiming to the enterprise, as we mentioned before. This is our strategy. NVIDIA is being used by the enterprise. They are selling GPUs. We are providing them with a secured area for models interaction, and this supports the enterprise. Hugging Face, however, is a different scenario.

Hugging Face can be a top of funnel for JFrog Ltd. because it is the open-source hub. It also supports most of our customers that are using Hugging Face as a local repository for the models that they bring from outside, so they will have a secured environment. Now when we are looking forward into 2026, the too integrated to fail philosophy is something that we are not only collecting feedback from the market on what they would like to see, but also how we can serve them better—not just the human developers, but also the agents. How can we serve Anthropic Opus 4.6 better? How can we serve OpenAI agents better?

Because these are the new tools that are now using JFrog Ltd. as their system of record.

Operator: Your next question comes from the line of Ittai Kidron with Oppenheimer. Your line is open. Please go ahead.

Sanjit Kumar Singh: Thanks, and congrats, guys.

Ittai Kidron: Real nice solid finish for the year. I have a couple of questions, one for each of you. For you, Ed, nice to see the progress there on the security and appreciate the disclosure there. If one would do a back of the envelope and strip out your security out of your business, what would that imply that the core business excluding security is growing? Is there acceleration there, leveling off, deceleration? Any color there would be great. And then for you, Shlomi, I would love to think about 2026. What from your perspective are the greatest risks to your business right now?

And maybe, clearly, with what is going on in the world right now in the context of AI and how it could potentially do everything, including our laundry, my question is to you: in what way could AI be a risk to your business? Thank you.

Eduard Grabscheid: Thank you for the questions, Ittai. I will start here, and then Shlomi can finish. We gave you the results at the end of the year for the revenue contribution that is coming from security, and it is still a relatively small piece in terms of that contribution to the top line. We go to the market as a platform, selling together both Artifactory and security. So we do not want to carve that out. The results that we show you on the top line were impressive. That included security. We are very happy with the direction that it is going.

The sales team are instructed to sell together the solution and the offering, which we believe, when you go to the market together with Artifactory and security, you secure your software supply chain at scale—what is needed for today's customer.

Shlomi Ben Haim: I will answer the risk question, Ittai. We are all standing at the edge of a cliff. Some people will tell you that we are going into a world of productivity—you mentioned laundry; some people gave us other examples. And some people will tell you that we are all going to be replaced by robots. I think that for the business, and this is my job as the CEO, to make sure that we are focused, that JFrog Ltd. is differentiated and brings value to our enterprise customers, and what we see now is that we keep building for the future with them. Just a few days ago, Elon Musk tweeted that code is going to be replaced.

The only outcome will be binary. It reinforces again what we keep saying for the last fifteen years. Binary is the primary asset. This is where we should be focused. And my biggest risk is that I will get confused and start to follow trends and not serve my enterprise with what we do best: being the system of record.

Operator: Your next question comes from the line of Jason Noah Ader with William Blair. Your line is open. Please go ahead.

Sanjit Kumar Singh: Yeah. Hi, guys. I hope I could squeeze in as well. One quick one for Ed, one for Shlomi. For Ed, just trying to understand that $800,000,000 FY 2027 revenue target. Is that just kind of aspirational at this point because it would require pretty massive revenue acceleration in 2027? And then for Shlomi, I know you guys price Artifactory on capacity. So it should, logically, follow that the tsunami of binaries that you called out should accelerate growth in your core solution. Are we seeing that at all yet, or is that still to come? And when do you think that could come?

Eduard Grabscheid: I will start with the question regarding the $800,000,000 on the long-term model. At the end of the day, we are focused on delivering and executing in 2026. That is what we are guiding to at this point. When we look at the results over the last three years, we are on track with that number. It does not reflect our conservative or responsible guidance philosophy, but the focus right now is on delivering in 2026.

Shlomi Ben Haim: I will take it from here, speaking about conservatism. We see—as we mentioned in the call—a rise in the AI-related binaries being consumed by our customers. We manage PyPI, npm, Docker, Conda, and others. But, you know, Jason, we are not promising magic. We are being very disciplined with our guidance. And we commit when the customers commit, then we guide the market. We guide you by commitments and not by usage. So yes, we see spikes and, yes, it is an uplift to our performance, but we will not guide based on this data transfer until it will follow a customer commitment. And customer commitment usually comes when usage is stabilized and not based on trends.

Operator: Your next question comes from the line of Andrew Michael Sherman with TD Cowen. Your line is open. Please go ahead.

Mark Charles Cash: Oh, great. Thanks. Hey, guys. Shlomi, is demand for Curation to accelerate post the second npm attack in late November? Did this pull any deals forward into Q4, and how much is the pipeline for that up year over year?

Shlomi Ben Haim: Curation—listen, we are not celebrating these attackers coming after our customers, but obviously, we benefit from it because there was very clear value that Curation brought. Curation is a tool that is out in the market for almost two years. It is mature and it was ready, and it was ready not only in terms of the risk but also in terms of the scale. So not only did we perform amazingly in Q4 because of the npm incident, but we also built the pipeline moving forward, as I mentioned in the call.

Jason Noah Ader: Great. Thanks.

Operator: Your next question comes from the line of Jonathan Blake Ruykhaver with Cantor. Your line is open. Please go ahead.

Andrew Michael Sherman: Yeah. Hey.

Jonathan Blake Ruykhaver: Congrats on a fantastic 2025, guys.

Shlomi Ben Haim: So, Shlomi, I would love to hear more details around what you are seeing in terms of the potential convergence of the DevOps toolchain to address MLOps. And, specifically, are they seeing the benefits of, or do they understand the benefits of, a potential unified pipeline, particularly around security and governance? And I guess lastly, as a part of that, what are you seeing in terms of adoption trends for JFrog ML and your expectations for that in 2026?

Shlomi Ben Haim: JFrog ML was included in—I think it was Q2 or Q3 this year—in our platform. Some of our customers are already using JFrog ML to manage their full model life cycle. We treat the model as a package. A model is yet another binary. So by providing them with these capabilities, we are reinforcing the fact that JFrog Ltd. is the central, trusted source of truth, not only for the legacy artifact but also for the new artifacts, which are models. I think that this will evolve as the market evolves. MLOps will not stay as it used to be before the days of LLMs.

What we see now is that code agents are also starting to interact with the JFrog Ltd. platform for any push and pull of binaries. So overall, it is growing, it is evolving. This entire landscape is changing, and we are tracking it and we will keep you posted on it.

Operator: Your next question comes from the line of Eamon Robert Coughlin with Barclays. Your line is open. Please go ahead.

Kingsley Crane: Hey, guys. Thanks for taking the question, and congrats on the continued execution. I just wanted to go back to the MLOps motion and how to think about that opportunity. Can you help us understand that consumption profile—what that would look like for an LLM maybe compared to a traditional binary? And then what makes JFrog Ltd. well positioned to be the default LLM repository for these enterprises? Thanks.

Shlomi Ben Haim: The MLOps solution is actually going after providing the CI/CD experience for models. It started with small models, and then the world in the last year evolved, and so did our tools and our platform. The idea around it in terms of consumption is that if you treat a model as a binary—which it is—then we should see more data transfer. We should see more storage. I think that there is a better potential for monetizing on storage because models, by definition, are bigger binaries than the others.

Since our pricing model is a consumption-based model, if we drive models to use the MLOps capabilities of JFrog Ltd. together with the security and the storage, you should see our consumption going higher, and therefore, the commitment of the customers will go higher. This is something that we are tracking closely and looking forward to see the results.

Operator: Your last question comes from the line of Jeffrey Allan Schreiner with D.A. Davidson. Your line is open. Please go ahead.

Eamon Robert Coughlin: Can you hear me now?

Eduard Grabscheid: Yes. We can hear you, Jeffrey.

Eamon Robert Coughlin: Perfect. Thanks for taking my question, and congrats on the strong results here.

Jeffrey Allan Schreiner: If I look at cloud revenues, they seemed a little bit more stable quarter to quarter this year compared to historically. Maybe just on the seasonality side, as cloud revenue becomes a bigger portion of revenue, should we expect a little bit more stable seasonality, or is it still the same as you target large enterprises in these larger deals? No change on that front?

Eduard Grabscheid: Hi, Jeffrey. When you think about the cloud, you need to think about three different things. First is our guidance philosophy, which we de-risk for those largest deals, as well as usage over minimum commitments, including emerging AI trends. That is what creates variability on a quarter-over-quarter basis, and that is excluded from there. As you mentioned, it is also now a greater portion of our revenue. But when you think about sequential growth today, it would be linear until we start to layer in any usage if that potential continues or these large deal wins.

Operator: There are no further questions at this time. I will now turn the call back to Shlomi for closing remarks.

Shlomi Ben Haim: Thank you, everyone. 2025 was a great year. We are looking forward to 2026, and we are very excited about the changes in the market and the new players in the market that we are looking forward to collaborate with. May the frog be with you, and may you have a wonderful Valentine's Day.

Operator: This concludes today's call. Thank you for attending. You may now disconnect.

This article is a transcript of this conference call produced for The Motley Fool. While we strive for our Foolish Best, there may be errors, omissions, or inaccuracies in this transcript. Parts of this article were created using Large Language Models (LLMs) based on The Motley Fool's insights and investing approach. It has been reviewed by our AI quality control systems. Since LLMs cannot (currently) own stocks, it has no positions in any of the stocks mentioned. As with all our articles, The Motley Fool does not assume any responsibility for your use of this content, and we strongly encourage you to do your own research, including listening to the call yourself and reading the company's SEC filings. Please see our Terms and Conditions for additional details, including our Obligatory Capitalized Disclaimers of Liability.

The Motley Fool recommends JFrog. The Motley Fool has a disclosure policy.