FROG - NASDAQ

Ladies and gentlemen, thank you for joining us and welcome to JFrog's Third Quarter 2023 Earnings Conference Call. I'll hand the conference over today to Shanti Ariker, Chief Legal Officer. Shanti, please go ahead.

Good afternoon, and thank you for joining us as we review JFrog's third quarter 2023 financial results, which were announced following market close today via a press release. Leading the call today will be JFrog's CEO and co-founder, Shlomi Ben-Hayim, and Jacob Schulman, JFrog's CFO. During this call, we may make statements related to our business that are forward-looking under federal securities laws and are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements relating to our future financial performance, including our outlook for Q4 and the full year of 2023. The words anticipate, believe, continue, estimate, expend, intend, will, and similar expressions are intended to identify forward-looking statements or similar indications of future expectations. You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today and not as of any subsequent date. Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from these expectations. For a discussion of material risks and other important factors that could affect our actual results, please refer to our Form 10-K for the year-ended December 31, 2022, filed with the SEC on February 9, 2023, which is available on the Investor Relations section of our website and the earnings press release issued earlier today. Additional information will be made available in our Form 10-Q for the quarter-ended September 30, 2023, and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as measures of JFrog's performance, should be considered in addition to, not as a substitute for, or in isolation from, GAAP measures. Please refer to the tables in our earnings release for a reconciliation of those financial -- of those measures to their most directly comparable GAAP financial measures. A replay of this call will be available on the JFrog Investor Relations website for a limited time. With that, I'd like to turn the call over to JFrog CEO, Shlomi Ben-Haim. Shlomi?

Thank you, Shanti, for the introduction, and thanks for stepping in today as we send warm wishes for a fast return to health for Jeff Schreiner, our VP of Investor Relations. Greetings from Israel, good afternoon, everyone, and thank you for joining us. On Saturday, October 7, the Nation of Israel awoke to a brutal terrorist attack targeting its civilian population. This tragic event resulted in the loss of innocent lives, including children, women, and the elderly. This heartbreaking incident escalated rapidly into an expanded war against the terrorist organization, Hamas. A few hours into the situation, JFrog, as a global Company with a presence in 10 different countries, activated its business continuity plan comprising three pillars. First, our internal plan to ensure the safety of our employees in Israel and maintaining communication channels. Second, is a technology pillar to ensure continuity of our services, security, cyber defense, and R&D. Finally, we activated the plan for external facing activities to ensure continuity of our customers' engagement, support, and external communication. I'm pleased to report that our operations are running smoothly and our employees are safe and accounted for. Notably, the conflict in Israel has not prompted us to change our physical year 2023 business goals that were previously shared with you. We are closely monitoring the situation but remain confident that the Company will meet these targets. We extend our heartfelt condolences to the families who have tragically lost their loved ones. Our thoughts and prayers are with them during this incredibly difficult time. We pray for the safe and fast return of the hostages who have been kidnapped by Hamas and we hope for the complete recovery of the thousands of individuals who have been injured. With that, I will move to the business. I'm pleased to report that JFrog's third quarter revenue again exceeded our prior guidance driven by increased cloud consumption, broader adoption of our security solution, and growing enterprise scale adoption of the JFrog software supply chain platform. Our third quarter revenue was $88.6 million, reflecting 23% year-over-year growth. Cloud usage accelerated in Q3, delivering revenue of $30.6 million, increasing 46% year-over-year. We also exceeded our profitability guidance with a non-GAAP profit of $16.6 million, generating $25.4 million in free cash flow. Customers with ARR over $100,000 grew to 848 compared to 696 in the year-ago period, increasing 22% year-over-year. Customers with ARR over $1 million increased by six companies in the quarter to a total of 30 versus having 18 customers over $1 million in Q3 of last year. This is up 67% compared to the year-ago period. These results reflect the critical importance of the full JFrog software supply chain platform for software development infrastructure, with our three pillars of DevOps, security, and IoT driving strategic customer value. Now, I would like to expand on what made Q3 a strong quarter for JFrog, as our investments continue to bear fruit in accordance with the long-term plans we shared with you at the beginning of the year. First, we continue to see growth in large-scale enterprise adoption of our complete software supply chain platform. Next, our comprehensive integrated software supply chain security and the adoption of our built-in end-to-end technology versus built-on legacy point solution scanners. Third, our cloud growth and marketplace channels driven by our strategic sales team and through our cloud partnerships. And finally, JFrog's expansion into machine learning operations and AI solutions. I'll start with the growth in large-scale enterprise platform adoption. With increasing demands for delivering speed and the need for scalability and regulatory compliance, we are seeing more of our enterprise customers consolidating tools into a comprehensive platform. As an example, one of the largest telecommunication providers in the United States, with millions of global users, migrated away from a competitive self-hosted solution to the JFrog platform in Q3 with an eight-figure multi-year new business deal to standardize their operation and modernize their DevOps and DevSecOps practices in the cloud. They selected the JFrog platform's end-to-end capabilities, allowing them to build faster using JFrog Artifactory as a single source of record with high availability and efficient redundancy across their entire software development life cycle. They further noted a need to deliver more robust policy management capabilities at scale and bring comprehensive security to their complete pipeline processes. We look forward to partnering with these customers to achieve their goals of on-prem to cloud migration, developer experience upgrades, high availability, universal binary management, and a comprehensive software supply chain security implementation. This use case reflects a growing trend of enterprise-wide adoption of the JFrog platform and long-term standardization on JFrog DevSecOps technologies. At our recent user conference SwampUP, customer speakers from global companies such as Fidelity, Netflix, Capital One, and eBay, just to name a few, all reflected a common trend. A single source of record of your software supply chain requires complete management and control of binaries. A platform that is binary-centric from end-to-end is the only way to automate and secure with speed. On that note, I would like to address adoption of our holistic security solutions and the customer trend of tooling consolidation. It's a fact that the software supply chain flow is the flow of binaries, meaning through security can only be achieved with complete control of both binary release cycles as well as binary contents, dependencies, and metadata. JFrog continues to deliver security solutions into the market that are aligned with new attack threats and consolidations of point solutions under one vendor. For example, JFrog Curation, released in July and keynoted at our SwampUP conference, addresses the real pain of the enterprise around the secure consumption of open-source technologies coming from public repositories. In addition, the new release of JFrog Catalog provides a listing of over four million third-party software packages stored in public repositories, solidifying JFrog as a single source of truth for the holistic secure management of software packages. While companies' blind spot may be the security of open-source and third-party packages, binaries are also built by in-house developers writing first-party code. To achieve end-to-end security coverage, JFrog is taking the security of software releases a step further to the left with the general availability of code scanning capabilities, often known as Static Application Security Testing, or SAST. With these announcements in Q3, JFrog is the first solution in the industry to deliver end-to-end software supply chain security, providing customers complete coverage from code to production. JFrog code scanning with the new SAFT solution protects first-party code. JFrog curation protects companies from unwanted third-party packages from entering their organizations. And JFrog Catalog provides metadata and augmented information about the Company's binaries. Together with JFrog X-Ray and Advanced Security for Secret Detection and Contextual Analysis, JFrog is the only Company that delivers complete security solutions with a binary-centric approach. Combined with Artifactory, the leading binary repository, JFrog provides a complete DevSec Ops solution for your software supply chain. This end-to-end security approach continues to gain traction across verticals. For example, one of the world's largest biotech companies recently adopted our entire security offering on the JFrog platform. Looking to consolidate point solutions, they saw the value of having software supply chain security integrated with their binary management system. We look forward to helping them address their software supply chain security needs holistically. As they tell us, they intend to migrate away from point solutions such as MEND in their tool stack. In another highly regulated industry, a nuclear security group within the United States Department of Energy recently acquired the JFrog platform to improve their software supply chain security posture. One of the cybersecurity specialists in the Nevada National Security Site Team, Brian Walkman, noted, a software supply chain platform is necessary for a practical means to meet certain governmental and standards requirements. More importantly, security at all stages of a software development life cycle is necessary for national security interests. Our response is, JFrog does that. Next, I would like to address growth in cloud adoption, marketplace channel growth, and our strategic sales motions. The expansion in the number of our over $1 million ARR customers this quarter demonstrate the continuing focus of our strategic sales team on driving large-scale software supply chain platform implementation with the key partnership of the major cloud providers. For example, one of the world's largest cloud computing and virtualization technology companies came to JFrog looking to implement their DevOps and DevSecOps cloud-first strategy. First looking to host JFrog platform services themselves in the cloud, they rapidly realized they would greatly lower their total cost of ownership due to the lower maintenance and infrastructure costs that would be safe by utilizing JFrog cloud services. With nearly 3,000 developers, this Company is working with JFrog to provide a complete end-to-end platform implementation, which they acquired through the Microsoft Azure marketplace through our strategic sales and partner teams. We believe our long-term investment in this top-down enterprise sales approach driven by our strategic team will continue to provide the North Star for JFrog's top-shelf customers' goals. Finally, regarding AI and machine learning, we were proud to announce the availability of DevOps and DevSecOps industry-first support for machine learning model management in the JFrog platform in late Q3. As Katie Norton, senior research analyst for DevOps at IDC noted in her SwampUP report, quote, the ML model management capabilities expand the JFrog platform into an entirely new space and persona. A single system of record that can help automate ML models development, ongoing management, and security alongside all other components packaged into an application offers a compelling alternative, end quote. Just as we provided common ground for developers and IT engineers years ago when DevOps started, JFrog now has the opportunity to bring the world of AI and ML ops into the world of DevOps and DevSecOps. Just as companies increasingly placed the demand on development teams to support security, they are now pressuring DevOps teams to deliver machine learning and AI capabilities in line with their applications. JFrog now provides a platform for binary management for developers, data scientists, machine learning engineers, and the machine themselves. As keynoted at SwampUP, JFrog is the first and only repository manager to proxy the most popular public AI and ML model repository, Hugging Face. We are also the first solution embedding security for ML models to scan models before they are used. Artifactory now natively supports AI models within the JFrog platform to manage and deliver ML capabilities alongside all other binaries within an organization. The AI supply chain is a software supply chain, and we are proud to be addressing this demand on developers. With that, I will turn the call over to our CFO, Jacob Shulman, who will provide an in-depth recap of Q3 financial results, as well as update you on our guidance for Q4 and for fiscal year 2023. Jacob?

Thank you, Shlomi, and good afternoon, everyone. During the third quarter, total revenues were $88.6 million, up 23% year-over-year. Our stronger than expected revenues in the quarter were driven by continued strength in our cloud business and expansion of large customers on the JFrog software supply chain platform. In the third quarter of 2023, our cloud business saw sequential expansion in customer usage, equalling revenues of $30.6 million, up 46% year-over-year. We're happy to see the acceleration in our cloud business growth, driven by continued increase in cloud usage and better collaboration with public clouds to enable large customers on their marketplaces. We reiterate our baseline cloud growth rate of mid-40s during fiscal year 2023. Self-managed revenues on-prem were $58 million, up 14% year-over-year during the quarter. We continue to see that our customers' roadmaps and plans are focused on SaaS migration, and therefore, they do not expand their on-prem footprint at the same pace as in prior years. We continue to believe that our security solutions can be a potential catalyst to re-accelerate revenue growth and customer expansion within our self-hosted business. Net dollar retention for the four trailing quarters was 119%, a decline of one point sequentially. As predicted, NDR is stabilizing, and we continue to expect our net dollar retention rate for the year to be at these levels. Our gross retention continues to be 97%, with no change in overall customer return trends. In Q3, 46% of total revenue came from Enterprise Plus subscription, up from 39% in Q3 of 2022. Revenue from Enterprise Plus subscription grew 46% year-over-year. Now let me discuss our income statement in more detail. Gross profit in the quarter was $74.1 million, representing a gross margin of 83.7%, up by 10 basis points from the second quarter as economies of scale and cost control offset higher cloud revenue contribution. Operating expenses for the third quarter were $62.3 million, up by $100,000 sequentially, equalling 70.2% of revenues, compared with $59.4 million, or 82.5% of revenues in the year-ago period. During the third quarter, we continue to remain focused on expense discipline, while investing in scaling our enterprise sales and channel partner teams and introducing multiple new products. Our operating profit in Q3 was $11.9 million or a 13.4% operating margin compared to an operating income of $1.2 million or 1.7% operating margin in the prior year as we continue to execute toward increased profitability as suggested in our long-term model. Third quarter net income equaled $16.6 million or $0.15 per diluted share based on 110 million diluted shares outstanding versus a year ago net profit of $1.8 million or income of $0.02 per diluted share. Turning to the balance sheet and cash flow, we ended the September quarter with $502 million in cash and short-term investments, up from $443 million as of December 31, 2022. The Cash flow from operations was a record $26 million in the quarter. After taking into consideration CapEx, free cash flow was $25.4 million, generating a 28.6% free cash flow margin. Our strong free cash flow margin is driven by better-than-expected profitability and strong collection from our customers. We increased our expectations for free cash flow margin in fiscal 2023 and now believe we'll be able to achieve 15% to 16% free cash flow margin. As of September 30, 2023, our remaining performance obligation totaled $235.1 million. Now I'd like to speak about our guidance for the fourth quarter and full year 2023. For Q4, we expect revenue to be between $92.5 million to $93.5 million, with non-GAAP operating profit between $10 million to $11 million and non-GAAP earnings per diluted share of $0.12 to $0.13, assuming a share count of approximately 111 million shares. For the full year 2023, we anticipate total revenues in the range between $345.1 million and $346.1 million. Non-GAAP operating income is expected to be between $32.8 million and $33.8 million. And non-GAAP earnings per diluted share of $0.44 to $0.45, assuming a share count of approximately 109 million shares. Now let me turn the call back to Shlomi for some closing remarks before we take your questions. Shlomi?

Thank you, Jacob. We believe that Q3 strong results showcased the alignment with our long-term strategic growth plans as we continue to meet technology and business goals. To JFrog tireless global teams, thank you for your focus, solidarity, passion and execution. Q3 is a testament to our resilience. I'm excited to welcome Ed Grabshid as our new CFO beginning January 1, 2024. Ed brings vast experience prior to his time at JFrog and in the past four years as part of our finance leadership. Ed, we are confident that your leadership will continue to drive JFrog's success. From here, I would like to send our CFO, Jacob Shulman, the best of wishes on his next journey. While you will be with us through the end of this year, I'll take the opportunity now to thank you, Jacob, for the years of friendship and partnership. You will always be a Frog. I would also like to congratulate Orit Goren, who was recently appointed as our Chief Sustainability Officer, highlighting JFrog's commitment to maintaining and driving responsible business. After many years as our Chief Operation Officer, I want to thank you, Orit, for taking on this very important role. In closing, our thoughts and prayers continue to be with the families affected by the brutality of the terror on Israel. Israel, like JFrog, is strong and will prevail. -- we hope for peaceful and secure days ahead. With that, thank you all for joining us for our Q3 earnings call and may the Frog be with you. Now we will be happy to take your questions. Operator?

Thank you so much. [Operator Instructions] Okay, it looks like our first caller is from Pingelambora from JP Morgan. Go ahead, please.

Hey, guys, this is Noah on for Pingelamb. Glad to hear everyone is staying safe. And congrats, Jacob. It's been great working with you and looking forward to working with you as well. Can you maybe just walk us through what you're seeing in terms of the cloud optimizations at this point and any other incremental color you could provide on what to owe the acceleration of cloud revenue growth? Thanks.

Yes, no. So the trend that we see in Q3 continued positive momentum on cloud usage. As you could see, our revenues accelerated, driven primarily by usage of our large customers and growth of our large customers and marketplaces. So that's very positive. We continue to see that migrations will accelerated a bit from prior quarter still below prior year levels and the overall adoption of our enterprise platform solution on marketplaces continue to drive our cloud revenues, and that's the reason for acceleration in the cloud in the quarter...

Okay, thank you so much. Next, we have a question from Koji Ikeda, BofA Securities. Koji, go ahead.

Yeah, hi. Thank you. Thanks for taking the questions. Just wanted to follow-up on the cloud growth, the strong growth there. And Jacob, you just mentioned the migrations. But earlier in your prepared remarks, you were also talking about advanced security and its availability within the -- the self-managed portion that could help reaccelerate that segment of the revenue mix. And so just trying to think of the puts and takes here, thinking out into the future of how we should be thinking about overall migration as a SaaS revenue driver, but also the advanced security, which either could help stabilize or maybe even accelerate the self-managed piece? And when could that -- we could start seeing that in that piece of the revenue mix. Thanks, guys.

Hi Koji, and thank you for the question. This is Shlomi. I'll take this one. In thank you for the question. This is Sami. I'll take this one. I think that what we see in the cloud and the growth, the 4% to 6% year-over-year growth is also a result of our strategic enterprise sales team together with our partner team. We discussed that earlier this year, the investments that we have done there. This team is focusing on not only migrating customers from self-hosted to the cloud to bring new logos to the cloud. This team is also focusing on looking holistically at the DevOps and Devsecops requirements of our customers. Therefore, advanced security, curation and the new capabilities that we announced recently at Swamp and before are also included. We spoke about one of the biggest telecommunication in North America that just migrated to the cloud together with JFrog -- this Company also adopted Jorgen Security with a meaningful part of the subscription. The other Company, which was discussed the nuclear security Company also adopted the food platform together with security. So we see some kind of a movement not only to have a DevOps end-to-end software supply chain solutions, but also to have a comprehensive building security within the platform rather than using point solution...

Okay. Thank you so much. [Operator Instructions] All right. Our next question is from Sanjit Singh with Morgan Stanley. Sanjit, please go ahead.

Hi, Oscar Saavedra. Nice to hear about you. Hello, can you hear me? Okay, sorry. Yes, it's nice to hear about your investment in Southern Marketing to drive adoption in the large enterprise. But if we look at the last couple of quarters, that as a percentage of revenue has sort of lower-how should we think about that? Is your plan to increase your headcount in that department? Or you think at this point, you have the needed sales force to drive that adoption? Thank you.

Yes. Sure. So over the past years, we've made significant investments in our go-to-market capabilities. A few years back, we started building our enterprise sales and strategic sales team. Then last year, we started building our partnership and channel team. So we continue to make investments, and we build a security overlay and some additional capabilities on holistic top-down approach to go-to-market approach. So those investments start to bear in fruit, and that's why we see that S&M investment as a percent of revenue become more scalable and we see more leverage. We'll definitely continue to invest in those capabilities and we'll continue to grow our sales and marketing expenses in absolute dollars -- but in the long term, as predicted in our long-term model, we expect to see more leverage and therefore, as a percent of revenue, these expenses will continue to go down in the long term...

Okay. Thank you very much. Next, we have a question from Miller Jump with Truist & Company. Go ahead, Miller.

Hey, thank you for taking the question and congrats on the strong results. I guess I was just curious, could you talk about maybe the advanced -- or excuse me, the opportunity you see for advanced security and curation this year going into the fourth quarter, given the concentration of renewals there? And just any color you could give on what you're baking into guidance for that? Thanks.

Yes. Thank you for this question. As we guided the market, we announced Joban Security earlier this year. It's a set of six capabilities that are added to the platform. Just last quarter, we announced curation, which is an additional product that protect the organization from the get-go. We think that what we see here is an adoption of a consolidated security solution, which will become material in the next year, and this is how we guided the market. Currently, we are very pleased with the adoption tens of customers that already adopted this as part of the platform usage. The security additions will become material in the next year.

Okay. Next, we have a question from Kingsley Crane with Canaccord Genuity Corporation. Kingsley, go ahead.

Hi, thanks for taking the question. At SwampUp, you mentioned that the products you were releasing were thematically consistent with the growth drivers of cloud and security. So they kind of fit nicely in with the long-term model of 30% plus growth. So as we move forward, how much of that -- how much of your existing product portfolio can contribute to that growth figure? Or in other words, how much more products do we need to be released in order to hit that target? Thank you,

King, what we announced in SwampUp was part of our road map. We announced several tools that support the full software supply chain platform play that we implement in the market. Georgian security comes first, then Curation and Catalog, which was announced keynoted in SwampUp. We are also planning to have some security capabilities on the run time. So shifting right. We added static analysis security on the left to secure code. And by that, we provide an end-to-end security solution. On top of that, we also announced the AI and ML capabilities as part of the platform, natively supporting security scanning for ML models and storage of ML models in Artifactory. If you look at the global picture altogether, JF platform today provides a full end-to-end solution for DevOps and deep from code to production. And in the next few quarters, we already have items in our road map to complete even further right to what we discussed.

And if I may add to that. So when we release our long-term model, we already had this new products either at the market launch in the market or just about to be launched in the market. So we definitely took those products into account when we release and shared our long-term targets with you.

Okay. Thank you both, [Operator Instructions] and our next caller is Ittai Kidron with Oppenheimer. Please go ahead.

Thank you and Shlomi our thoughts with you and the whole team in Israel, of course. Shlomi, I wanted to make sure I understand the security. can customers buy your security solutions without artifacts or that's still not a possibility? So when will that happen? And then maybe for you, Jacob, on the expansion rate with all the new product coming along and clearly, with the better execution on the up-sell and the traction of $1 million customers. How should we think about net dollar expansion rate here going forward for the next couple of quarters?

Hi, Ittai; what we see as reported is that our net dollar retention stabilized around 120, 119 as predicted and as guided. In the self-host solutions, since our security solution is based on a per model on top of the platform -- we look to see some acceleration there. Though our strategy is very focused on the cloud and the cloud migration. And there as well, security will be a strong driver to support the net or retention guidance that we provided. Security, in both cases, both deployment environment, cloud and self-hosted is based on by developer and not only by consumption. So we think it will support the net dollar retention, and it will be aligned with our guidance. Of Net this -- and it's obviously too full for us to provide guidance for 2024.

Okay. But so just to make sure I understand, can I buy your security, advanced security and curation with outbuying artifacts?

No. Currently, security, our solution security is part of the platform coming with the Artifactory in X-ray. In the future, we may consider to have it as a stand-alone solution. Currently, it's a full solution coming with the platform.

Thank you. And our next caller is Brad Reback from Stifel. Brad, go ahead.

Great. Thanks very much. Shlomi, Just as we think about sort of the emergence of AI and ML large language models, how does that play to help accelerate usage of the cloud Artifactory. Thanks.

It's great, Brad. AI and ML, these are technologies that are being adopted rapidly by all organization and also the enterprise are looking into it. As you are familiar with our portfolio -- the majority of our customers are enterprise customers with thousands of developers. And to be frank with you, most of them are trying to first kind of put down the playbooks and the regulation of how you use AI, how you secure AI, how you automate it and how you become more efficient with it before you let machine code and build binaries and distributed for you. So we planted the seeds, GPG is the first and only Company in the world that practically provide AI solutions for our customers. We planted the seed not only for developers but also for security. Artifactory natively proxy having faced the public repository and x-ray automatically scale all ML models before they are getting into the set the software supply chain. With the rapid growth and rapid adoption of AI and ML ops we believe that this will be just another part is for the case users and will accelerate the adoption of our platform will put us in a very good position in terms of competition that might come up in the future. And we'll serve our customers and community better with the unvotality that we provide. Currently, it's too early to say how will this impact the long-term model.

Thank you. And our next caller is Jonathan Ruykhaver from Cantor Fitzgerald. Jonathan, go ahead.

Yes, thank you. So, for me, an interesting point that has come up in discussions we've had with JFrog customers is around the automation that Artifactory brings to third-party CICD solutions, and specifically the significant reduction in build time and cost savings. Can you just comment on that dynamic, how important it might be when you look at Newlands. And also, what is the implication to pipeline? Is pipeline less of an opportunity just given how well you work with other CICD tools?

Yes. Thanks for this question, John. JFrog Artifactory, and JFrog platform overall is based on an open red API, working with all the major CICD tools in the market. We are actively supporting GitHub Action, Jenkins, GitHub CI-CD, Circle CI, and obviously others. It's also mandatory for everyone who use CI to use the binary repository because the moment CI on top of your source code repository, you create a binary. And then the deployment into Artifactory and putting out from Artifactory by CICD and automating the full software supply chain is being made in and out from Artifactory. Regarding JFrog pipeline, JFrog Pipeline is accelerating the automation of the JFrog platform integrates with all the CI/CD tools and help you promote binaries from every quality gate all the way to production. JFrog pipelines also provide a friendly UI for users to manage their dependencies and to manage the source of all binary. We don't see JFrog Pipeline as a catalyst for the adoption of our platform or major catalysts for ARR. Actually, what we see is that using JFrog pipeline makes our users more faster and secured as they secure their pipeline by using it.

Okay. So it's having a strong impact in terms of the value proposition, but it's not necessarily impacting ARR or the adoption of the Enterprise Plus package, correct?

Correct.

Okay. Thank you. Looks like our next call is from Michael Cikos from Needham & Company

Great. And I apologize if I missed this in the prepared remarks for the Q&A. I know I'm struggling in a couple different earnings calls, like I imagine my peers are as well. But I think the first question, if I could, for Shlomi. We were kind of struck last quarter when the Company was saying that the optimization headwinds were largely behind the Company. And I apologize if I missed this, but could you provide us an update? Does that still stand here where we are today? Is it fair to think that those optimization headwinds for JFrog are now firmly in the rearview mirror? And then I just had one follow-up.

Yes, Mike, we did talk about the usage trends, and we continue to see continued growth of usage. So we do believe that this wave of optimization is behind us. We continue to see the adoption of our platform by larger customers on marketplaces. However, having said that, we also see a slower pace of migrations comparing to prior year. So definitely, macro headwinds in terms of impact on pace of migration is still there, but cloud usage continues to grow, and that trend that we've been experiencing for a couple of quarters now.

Got it. Got it. Okay. And I think maybe one other item. I think earlier this year as well, I know the Company was trying to adjust its free tier. And I think that you guys had decided to limit the number of users that fell under that free tier and maybe by creating that limited capacity, there was a thought that, that could benefit the model and some capacity from a monetization standpoint. Can you remind us what the initial findings on conversion or benefit to revenue, if any, have come through the model at this point?

Yes, Mike, when we decided to kind of building the top of the funnel without free tier earlier in 2022. The main reason was all the additions that we provided with security and IoT capabilities. If you cannot just add on a 3-tier basic DevOp solution, it didn't serve not the strategic product strategy and not the go-to-market strategy, which became top-down strategic enterprise sales. The conversion that we've seen from the free tier where customers, usually small groups of developers that converted to Artifactory and the power subscription, and we decided that it doesn't serve the top of the funnel, I'm happy to report that you can see that what we have built now with our enterprise sales and the strategic sales per foot, one of the results being demonstrated this quarter with the amount of customers that are going over $100,000 over $1 million. This is not coming from pretty as you probably understand.

Okay. Thank you so much. Our next caller is Nick Altman with Deutsche Bank.

This is John Gomez on for Nick. Can you talk about how September and October trended from a macro perspective relative to expectations? And whether you have seen any meaningful change in overall like buying propensity from customers.

No, we did not see any changes in the trends in October continued to be comparable with Q3.

Next caller is from Ethan Weeks with Piper Sandler. This is Ethan on from Rob. It seems like there's still a large amount of organizations out there using either free or open source binary repository management solutions. And as we think about the amount of innovation and product leases you've had on the security side, do you think this could provide a catalyst maybe for a lot of these organizations to start considering a commercial solution?Or if not, maybe what that catalyst may be in the future as we think about new customer growth and converting some of these onto your platform? Thank you.

Yes. I'll take this one. We built Gotraction from the bottom up on the developer app and obviously, starting with open sales build the concerns around Artifactory as a single source of record for the organization. What we know now years after is that it takes more than just one open source solution. When you want to build a comprehensive software supply chain solution, especially on an enterprise infrastructure level, you have to adopt some security tools you have to adapt universality, high availability, multi-cytopology. And very often, we want to move everything to the cloud, which obviously has nothing to do with open source or not. It's about having it as a service. So for sure, yes, it's the top of funnel. A lot of potential customers are looking at the open source before they are trying our tools in the three trial. But the open source is still there, serving us among developers. -- the enterprise with J. Polkchein, it's a very temporary solution and usually being good place very fast.

Okay. And our final question comes from Michael Turits with KeyBanc Capital Markets.

This is Billy on for Michael. Just wanted to ask, with curation crossing between kind of both developers and security, have you seen that acting at all as a gateway to broader conversations with the CISO? Should we think about curation as the next logical customer expansion from the core product before adopting advanced security? Thank you.

This is a wonderful question. curation is very, very unique because curation lends on the common ground of the CIO and the CIS. What I mean by that is that companies realize that they can become far more efficient with adopting open source stages by scanning it before it's even getting into the organization. And therefore, curation is very appealing and growing very fast. The pipeline, we are very pleased with what we see that people immediately understand it. It doesn't matter if you're coming from the security side or the DevOp side, you immediately understand the value of preventing malicious packages to get into your organization to your software supply chain. So we absolutely think that this will accelerate the adoption of our security solution. This is also why on the go-to-market, it's separated from getogretan security, still based on the same business model. In the future, we will add more capabilities that would provide a full comprehensive better solution. But already now, -- we see that nobody is just building from scratch and everybody brings open source packages. And therefore, you want to secure them and to curate them to bless them before they are getting into your software supply chain. Once they are in, then Goersecurity take and actually take position and secure our pipeline. So my answer is absolutely yes, and I'm looking forward to see how this is changing the landscape of how open our software packages are being used.

Thank you. And there are no further questions at this time. So I will turn the call back to Shlomi for closing remarks.

Well, thank you, everyone. Thank you for taking the time to join us today. We pay for more feasible, quiet days here in Israel and made the fog be with you.