Ladies and gentlemen, thank you for joining us and welcome to JFrog's Fourth Quarter and Fiscal 2022 Earnings Conference Call. I'll hand the conference over today to Jeff Schreiner, VP of Investor Relations. Jeff, please go ahead..
Good afternoon and thank you for joining us as we review JFrog's fourth quarter and full year fiscal 2022 financial results, which were announced following market close today via a press release. Leading the call today will be JFrog's CEO and Co-Founder, Shlomi Ben Haim; and Jacob Shulman, JFrog's CFO.
During this call, we may make statements related to our business that are forward-looking under Federal Securities laws and are made pursuant to the Safe Harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements related to our future financial performance, including our outlook for Q1 and full year of 2023.
The words anticipate, believe, continue, estimate, expect, intend, will and similar expressions are intended to identify forward-looking statements or similar indications of future expectations.
You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today and not as of any subsequent date.
Please keep in mind that we are not obligating ourselves to revise our public release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from expectations.
For a discussion of material risks and other important factors that could affect our actual results, please refer to our Form 10-K for the year ended December 31st, 2021, filed with the SEC on February 11th, 2022, and our most recent report on Form 10-Q, which is available on the Investor Relations section of our website and the earnings press release issued earlier today.
Additional information will be made available in our Form 10-K for the year ended December 31st, 2022, and other filings and reports that we may file from time-to-time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call.
These non-GAAP financial measures, which are used as measure of JFrog's, performance, should be considered in addition to, not as a substitute for or in isolation from, GAAP measures. Please refer to the tables in our earnings release for a reconciliation of those measures to their most directly comparable GAAP financial measures.
A replay of this call will be available on the JFrog Investor Relations website for a limited time.
With that, I'd like to turn the call over to JFrog CEO, Shlomi Ben Haim, Shlomi?.
Thank you, Jeff. Good afternoon to you all and thank you for joining the call. I'm happy to report that we ended fiscal year 2022 with annual results in line with our guidance range despite the 2022 or the challenging year from a macro economic and geopolitical perspective with moderated growth in the IT market.
Nevertheless, DevOps, security software, and cloud computing remained among the most resilient IT projects.
I'm happy to see the JFrog not only performed well with revenue growth of 35% year-over-year in line with our guidance range, but also exceeded our commitment to breakeven wrapping up Q4 with non-GAAP EPS of $0.04, more than double the range we communicated in Q3.
2022 included hyper growth in our cloud business, significant growth in the number of customers that subscribe to our full software supply chain platform, powered by advanced DevOps and DevSecOps end-to-end solutions, and the higher landing ASP with customers who invested more in digital transformation.
For the fiscal year 2022, revenue was $280 million, up 35% year-over-year. JFrog finished the year with over 7,200 customers compared to 6,650 in the prior year, choosing us as the DevOps and DevSecOps partner of choice. Allow me now to elaborate more on our fourth quarter results.
Our 2022 fourth quarter revenue was $76.5 million, reflecting 29% year-over-year growth. Our cloud revenues delivered continued momentum equaling $22.6 million and increasing 53% year-over-year.
Our growth in the quarter was driven by continued increases in end-to-end JFrog platform subscriptions as well as ongoing customers migration to multi-cloud and hybrid environments. Customers with ARR over $100,000 grew to 736 compared to 696 in the previous quarter, increasing 37% year-over-year.
Customers with ARR over $1 million increased to 19, up from 18 in the previous quarter and up 27% year-over-year. We are pleased with this result, especially in light of the market dynamics we witnessed in the last few weeks of the quarter.
On today's calls, we'll share an update on how the latest macro-economic changes are impacting our business, how we are adjusting for it, and how we continue to drive growth alongside cost efficiency to capture the massive DevOps and security market opportunities ahead.
Let me start by expanding on the top three teams that drove customers acquisition and expansion throughout the year and specifically in Q4. First, overall adoption of our end-to-end software supply chain platform, showing increasing maturity and tooling consolidation by the enterprise.
Second, growing demand for security solutions that are fully integrated into the DevOps workflow and available as part of a full platform. Third, cloud and multi-cloud migration and adoption. Let's begin with the end-to-end JFrog platform scope.
The growing adoption of our complete platform by new and existing customers showcases the broad need for scalable end-to-end fully integrated hybrid solutions. Our holistic platform approach does continue to serve momentum in Q4.
For example, one of the world's most recognizable payment processing companies completed a standardization on the JFrog platform as their system of records.
They chose JFrog over the prior solution Sonatype Nexus, as they needed a highly available solution that scales efficiently and supports hybrid environments to meet the needs of thousands of developers. In another example, a leading commercial bank in EMEA chose JFrog as their enterprise DevOps system of records.
Due to the high level of complexity, they presented requirements for universality, full binary lifecycle management, integrated security, large scale, and efficient replication and distribution between development sites.
Already utilizing GitLab for source code management, this bank turned to JFrog to complete their software supply chain coverage within advanced solution for binary management and software supply chain security.
We saw this trend throughout 2022 as customers are telling us that both from a technology and business perspective, platform consolidation and standardization will be a key theme in 2023 not only for DevOps or DevSecOps, but for complete software supply chain management. Second, to our security pillar.
In mid-October, we launched an industry disruptive set of advanced tools introducing JFrog Advanced Security as the first DevOps-centric security solution. While we continue to build and expand this offering, we were excited to see initial customers who purchase JFrog Advanced Security subscriptions, quickly taking advantage of these capabilities.
JFrog's meaningful investment in security over the past few years is beginning to bear fruit.
We strongly believe that the holistic JFrog platform powered by JFrog Artifactory, the database of DevOps, and the de facto standard in the software package management, combined with our best-of-breed security solution into a single platform will drive adoption among our install base and attract new users.
This is reflective of the sea change we saw in 2022 of security being embedded across the software supply chain, and companies discovering that if they don't control and secure the binaries in their organization, they are finding it nearly impossible to secure the software assets and remediate security issues.
Modern security technology is automated, requires less human intervention, manages software package dependencies, and set policy that protect and remediate an organization's software supply chain.
We build JFrog Advanced Security with this understanding, and we believe it will displace legacy security solutions, attracting new customers to JFrog as this market continues to mature. In just over a year since our acquisition of Vdoo, JFrog has really a half dozen capabilities that can consolidate security point solutions currently in the market.
As some competitors cobbled together open source tooling to appeal to the market demands, JFrog delivers a comprehensive DevOps and DevSecOps solutions for enterprises who are looking to consolidate the tool stack into a single platform. Let me share with you how we differentiate insecurity.
Development teams are using security point solutions that generate too many results, requiring them to inefficiently fix all vulnerabilities, not allowing them to prioritize remediation based on context. This is why our contextual analysis capability was released.
With JFrog Advanced Security, we allow teams to prioritize safe development hours and focus on what matters. Also, companies want to ensure that no software is shipped within accidentally included secrets or access keys.
This is why secrets detection in our Advanced Security solution is so important, as it discovers inadvertent revealing of secrets and where they live in both code and hard coded into binaries.
JFrog is helping companies and development teams focus these holistic security efforts with our solutions, alleviating teams' workloads, decreasing risk, and covering the entire software supply chain, which is impossible by scanning source code alone.
We believe this approach will help drive growth in existing customers in 2023, upgrading many into higher JFrog subscription type, that incorporates security solution alongside core architect management.
Security budgets remain one of the most defensible areas of technology spend, as enterprises prioritize investing in end-to-end solutions to secure their growing digital attack surface. For example, in Q4, one of the Nordic region's most prominent banks turn to JFrog to incorporate security across the software supply chain.
Looking for a multi-cloud-based solution to streamline their operation, they partnered with JFrog and Google Cloud via their marketplace to enhance the bank's security posture and displaced legacy on-premise solutions.
In another Q4 example, one of France's most recognizable luxury brands turned to JFrog for complete visibility and security across the software supply chain, saying they could now build once and run everywhere securely across multiple cloud providers.
Looking to consolidate and standardize their DevSecOps tools long-term, this company is illustrative of what we are hearing from thousands of JFrog customers. They want to get control of their security tools fall and the associate costs.
We'll keep investing in JFrog security solutions as one of our R&D cores and look forward to more advancement and innovation in software supply chain security in 2023. We believe proven powerful holistic security solution, coupled with end-to-end binary management is antidote to modern software supply chain's security threats.
Now, I want to address our cloud business. Cloud, multi-cloud, and hybrid infrastructures continues to be the desired end state of many companies.
Our enterprise customers tell us that cloud migrations are often a multi-year effort and that the hybrid capabilities of JFrog allow them to move over time at their own pace with limited disruption to the business. As such, we've been pleased throughout the year to see growth in the cloud business across all subscription types.
In Q4, a Fortune 100 pharmacy brand chose JFrog's software supply chain platform due to the immediate need to consolidate DevOps and DevSecOps solutions. JFrog replaced multiple existing on-premise and cloud offerings, including container registry tools from AWS and Google Cloud to manage their full software supply chain on one platform.
This $500,000 enterprise class bill was driven by the need for universality, scalability, consolidation of tools and JFrog's out-of-the-box integrations across the ecosystem.
Recent CIO surveys validated by analysts and our customers tell us that while some short-term budgets may be tightening, annual investment in DevOps and security platforms in 2023, specifically in multi-cloud form are expected to go over 2022. Next, I want to address the ongoing macroeconomic challenges.
JFrog's overall win rate and customers' preservation remains robust, consistent with the historical trends, and we have been able to close substantial amount of Enterprise Plus deals, that show us the enterprise demand for JFrog solutions.
However, the macroeconomic headwinds, such as elongated sales cycles and customer pushouts increased significantly in the fourth quarter, impacting the overall growth of our business. During the month of December, we witnessed a further slowdown in deal closing and increase customers' optimization efforts in cloud usage.
As we closed the quarter, we saw our customers exercise caution in this uncertain environment. This is evident in the number of deals that pushed from Q4 into 2023 and that now require C-level budget sign-offs. This impacted our growth and net retention rate in the fourth quarter.
It is further evident that self-hosted customers who considering migration to the cloud are expanding their on-prem system at a slower pace, in favor of their cloud migration strategies that are pending further budget approvals. We would expect this pattern to continue in 2023 and have included them in our forward outlook.
Despite these challenges, we see growing need for DevOps security and edge solutions across the software supply chain in 2023 and beyond, continuing to believe JFrog's software supply chain platform sets industry standards and delivers unmatched value to the market.
As we step into 2023, we see opportunities to leverage investments we have made within our solutions in prior years, allowing us to expand our profitability while still delivering topline growth as we will share in our guidance.
JFrog was founded in a recession, has built a solid business across a decade, and we believe remains well-positioned and well equipped to deliver in uncertain times. With that, I'll turn the call over to our CFO, Jacob Shulman, who will provide an in-depth recap of Q4 financial results and update you on our outlook for both Q1 and fiscal year 2023.
Jacob?.
Thank you, Shlomi and good afternoon everyone. During the fourth quarter, total revenues were $76.5million, up 29% year-over-year. The full fiscal year 2022, revenues were $280 million, up 35% year-over-year. We ended the year with 7,200 customers, an increase of 8% over the 6,650 customers at the end of 2021.
Expansion in our cloud business continued during the fourth quarter with revenues of $22.6 million, up 53% year-over-year, representing 30% of total revenues. For fiscal year 2022, our cloud revenues equaled $80million, up 60% year-over-year and equaled 28% of total revenue.
We are pleased with the growth in our cloud business during the quarter and fiscal year 2022. However, we have seen an expansion of headwinds from both customer optimization and macroeconomic impact relative to our expectations, which impacted fourth quarter results.
In the fourth quarter, our cloud usage was impacted by higher than expected transition of our pay-as-you-go customers to minimum annual commitments. The transition to annual commitment is beneficial to our business, it reduces volatility, and provide more visibility over the long-term.
However, in the short-term, it negatively impacted our revenue growth in the quarter due to volume discounts based on commitment size. Self-managed revenues on-prem were $54 million, up 21% year-over-year during the fourth quarter. For full year 2022, self-managed revenues increased 28% compared to the prior year.
Net dollar retention for the four trailing quarters was 128%, a decline of two points due to macro headwinds. Our gross retention continued to be at 97%. In Q4 of 2022, 43% of total revenue came from Enterprise Plus subscriptions, up from 35% in Q4 of 2021. Now, let me discuss the income statement in more detail.
Gross profit in the quarter was $64 million, representing a gross margin of 83.7%, compared to 84.8% in the year ago period. The decrease in gross margin relative to the year ago period is related to a high portion of cloud revenues as a percentage of total.
We expect gross margins will remain between 83% and 84% in the near future and then trend towards the low-80s over the long-term as cloud revenues become a greater portion of our total revenue. Operating expenses for the fourth quarter was $62.5 million or 82% of revenues, up from $50.2 million or85% of revenues in the year ago period.
Our operating expenses grew sequentially by around $3 million, as we continue to build out our enterprise sales and channel relationships for the long-term. Non-GAAP operating profit in Q4 was $1.6 million or 2.1% operating margin compared to an operating profit of $50,000 or 0.1% operating margin in the year ago period.
We turned back to profitability this quarter, as non-GAAP net income in the quarter was $4 million with earnings per share of $0.04 based on approximately 106 million weighted average diluted shares outstanding compared to a loss of $0.01 per share in the prior year quarter. Turning to the balance sheet and cash flow.
We ended the year with $443 million in cash and short-term investments, up from $434 million as of September 30, 2022. Cash flow from operations was $7.3 million in the quarter. After taking into consideration CapEx, free cash flow was $6.4 million or 8% free cash flow margin.
We remain committed to accelerating our free cash flow margin towards our long-term target of 30% over the coming years. As of December 31st, 2022, our remaining performance obligations totaled $204.7 million. I'd now like to speak about our outlook for 2023 and guidance for the first quarter and full year.
Our expectations for 2023 implies strong growth in our cloud business. But due to continued headwinds related to customer optimization efforts and ongoing macroeconomic impact, we see baseline growth levels moving toward the mid-40s, down from prior levels of mid-50s.
We expect the trend of slow expansion within our self-hosted business to continue through 2023, as more new customers land and expand with our cloud solutions. We continue to see an increase in usage of our solutions by self-hosted customers.
And therefore, during the upcoming fiscal year, we will implement the pricing change to better align the value we deliver. This pricing increase will contribute roughly $6 million to our forecasted 2023 revenue growth. In addition, we will soon be releasing a version of JFrog Advanced Security, supporting our self-hosted customers.
We are happy to see strong customer engagement since launch with our cloud-based offering, and see this introduction as an opportunity to be an additional driver of expansion within our self-hosted customers. Our outlook does not anticipate any increase in customer churn, as we have not seen a loss of business.
We have seen an elongation of customers' migration process to the cloud, which will impact our net retention levels in the short-term. Our expansion in our cloud business continues to be a catalyst for longer term growth.
Given the dynamics of our self-hosted and cloud businesses in 2023, we now expect our net dollar retention ratio to be in low-120s for fiscal year 2023.
As committed, we returned to profitability in 2022 and now see opportunities to expand further in 2023 and beyond, as we begin to leverage investments we have made within R&D and sales and marketing over the past few years.
Following prior cost optimization efforts, we referenced in the second half of 2022, we will continue with our cost management efforts, shifting resources to high-growth opportunities and being disciplined about headcount growth.
For Q1, we expect revenue to be between $78 million and $79 million, with non-GAAP operating profit between $1.5 million and $2.5 million, and non-GAAP earnings per diluted share of $0.03 to $0.05, assuming a share count of approximately 107 million shares. For the full year of 2023, we anticipate a range between $340 million to $344 million.
Non-GAAP operating income is expected to be between $17 million and $19 million, and non-GAAP earnings per diluted share of $0.18 to $0.20, assuming the share count of approximately 110 million shares. Now, let me turn the call back to Shlomi for some closing remarks before we take your questions..
Thank you, Jacob. We believe we are well-positioned to face macroeconomic headwinds, as we have built a diversified customer base across multiple geographies and industry verticals.
We believe our software supply chain platform is mission-critical in the digital transformation of enterprise customers and our security capabilities complement our leading position in DevOps. As we are turning the page on 2022 and leaping into 2023, I'd like to take this opportunity and thank my team.
Over 1,300 frogs are working days and nights to make sure we are not only innovating, but also turning our customers into a digital transformation catalysts. We reimagine the future and navigate through the macro challenges in 2023.
We are committed to working with the community, our customers, partners, and industry innovators to transform the software supply chain across our three cores DevOps, Security, and IoT. Thank you all for your attendance today and made the Frog with you. And now, we'll be happy to take your questions.
Operator?.
Thank you. [Operator Instructions] Your first question comes from the line of Pinjalim Bora with JPMorgan. Your line is now open..
Hey, thank you so much for taking the questions. Shlomi, maybe you can start with the Advanced Security side. It seems like you're seeing some initial kind of traction there. Maybe help us understand kind of the attach rates to existing customers at this point.
Is it fair to assume kind of it's more of an expansion motion than a land motion? And in general, what you're seeing?.
Pinjalim, this is Jacob. Pinjalim, if you could improve the quality of your line, please. It was really hard to hear the question..
Sorry, is this better?.
Yes, much better..
Yes, I wanted to ask about Advanced Security and the attach rates that you're seeing with existing customers and if you're seeing any labs or maybe it is not a land motion?.
Yes, Pinjalim. Hi, this is Shlomi, I'll start and Jacob, feel free to chime in.
So, Advanced Security, as you know was launched on October of last year, from the early beginning, we saw demand from our existing customers that require a platform solution that comes not only with Artifactory and Xray, but the full comprehensive Advanced Security capabilities.
So, we added some features that are aligned with the software supply chain security and make sense to the enterprise. Some of what we have heard from our customers and as we reported some already purchased, is that they need to consolidate solutions that are now spread between different point solution.
They need a solution that can run in the cloud and on-prem, and this is our plan. And they need a solution that protect the software supply chain, left to Artifactory and right to Artifactory. And this is where JFrog Advanced Security comes in..
So, Pinjalim, the Advanced Security would be add-on and requires Xray capability, that's why in terms of attach rates to the customers, about half of our customers have access to Xray. So, those would be the group of customers that can today purchase Advanced Security. Again, this is just the first weeks of this product.
We have -- we're happy to see first customers find it and we have great expectations from this product. But it's just first weeks of this product in the market..
Yes. Understood.
On the macro side, maybe help us understand the pipeline that you're entering this year with at this point in time? And what have you seen so far in January? Is that more so what you'd seen in December, or is it taking a step down? Just trying to understand the guidance and how much room is there? Is it derisked or not?.
Yes. So, we did see kind of macroeconomic headwinds accelerate a bit in the last few weeks of December. Specifically, we did see increased activity in cloud usage optimization. We do see that customers trying to meet their budgets. They don't have any more kind of room to exceed the initial budget allocations.
We also saw some deals push out because it required additional approvals, which was not required previously. So, that -- those dynamics, we believe we will continue to see in 2023, and that's what we took into account in our guidance for the full year and the first quarter..
Understood. I will get back in the queue. Thanks..
Your next question comes from the line of Sanjit Singh with Morgan Stanley. Your line is now open..
Thank you for taking the questions. I want to follow-up a little bit more on the outlook, Jacob. In terms of the dynamics you're seeing, well understood on the elongation of sales cycles.
But I was wondering, thus far into early January, have you been able to close any of those pushed out deals? And in terms of the dynamics of customers moving from pay-as-you-go, monthly to annual, you'd mentioned this dynamic before -- earlier this fiscal year. So, just the magnitude of the shift is just sort of more pronounced.
And as you think about guidance for next year, where specifically are you embedding more conservatism -- just so to get a sense of how we -- how you arrive to your guidance for 2023?.
Yes. So, from the deals that were pushed out, some of them were closed in 2023, a lot of them haven't yet been closed, because they require additional approvals and they're going through approvals. And as we see customers looking at their budgets and kind of at the end of the year, typically, they're working on their budget plans.
That was yet another reason for customers kind of waiting with their purchasing decisions before the budgets are finalized. Now, with regards to the pay-as-you-go to annual commitments transition, first of all, the portion of our pay-as-you-go customers as a percent of our overall cloud business, today represents a much smaller portion.
We entered the year with about a third of the business -- cloud business being pay-as-you-go. We exited the year with pay-as-you-go to be about quarter of the cloud business.
So, the transition to annual provides us better visibility, better forecasting capabilities and helps us to create better engagement with the customer, because it's typically kind of longer-term engagements with customers with their roadmap. We expect that our pay as you go to annual commitment transition will continue.
We've seen that obviously as you know, optimization from customers is coming from two angles. One is storage, optimization, another one, data transfer optimization. The customers have more flexibility to do storage optimizations and data transfer optimization. And we will have many of them have already done that.
But we still try to be cautious in terms of, we just the level of this optimization, therefore, increased in the last few quarter -- the last few weeks of the quarter. And we tried to be conservative in how we approach the full guidance for the year..
Understood. And then, Shlomi I guess, a question for you, you have Microsoft announcing things like co-pilot for GitHub, which at least has the potential to rapidly accelerate the development and production of code. And I imagine like, the Microsoft, sort of competitors, Google, Amazon, maybe others will respond in some sort of fashion.
And so when we think of this sort of AI movement on the sort of left hand side of the software release cycle, how do you think this impacts this trend were to continue and adoption of things like GitHub co-pilot, you know, accelerates meaningfully? What do you think the impact is on the software release cycle, sort of, overall, how it impacts JFrog as a DevOps platform within that software lifecycle, and maybe even order Artifactory if you can sort of peel the onion for us in terms of how the market may be evolving with respect to some of these new AI based technologies?.
Yes, thank you, Sanjit, for the question. Obviously, AI embedded into source code management is something that is led by GitHub and, I think that they did a good job with the copilot. However, this is for source code management, most of what you do, once you walked on your source code, you start to automate everything.
And this is the power of binaries. And when you automate AI is required the automation and artificial intelligence is required in order to do a better management of binaries, a better management of binaries, distribution, and a better management of binary security.
Some of these capabilities are already included in how we build our next generation distribution, next Generation security. Some of the capabilities that we released in JFrog Advanced Security are replacing point solution legacy security solution with tools that are far more automated.
The power that we have with Artifactory is that it's easy to automate binaries. And it's almost -- I don't want to say impossible, but challenging to automate source code binaries are machine language.
So I think that you will see more and more AI embedded into JFrog security and to your question, it will go perfectly with AI embedded into source code management..
Understand. Thank you, Shlomi..
Your next question comes from the line of Kingsley Crane with Canaccord Genuity. Your line is now open..
Hi. Thanks for taking the question. So I believe you're guiding fiscal 2023 revenue growing around 22% and then Q1 growing around 23% and then exiting Q4, around 128%, NRR.
So just kind of curious, I know you said a little bit lower, but what are the underlying the guidance for next year?.
So weeks, so we ended the year with 128%. Natural retention and we expected gradually converge to 120 over the course of the year..
Okay. Thank you and then just want to touch also on the pricing changes.
So sounds like it could provide a $6 million tailwind, just any more color on the set of customers this would affect and then the nature of this change?.
So it's only impacting our self-hosted customers. As you know, our cloud monetization model is based on usage. Our self-hosted business monetization is based on number of servers. We do see that our customers utilize our solutions more and more on a self-hosted site. But it does not necessarily relate impact in the server purchases.
And therefore, we decided to make this price change in order to better align the value that our customer getting with, with the price that they pay. It's a small percent, 3% to 5% increase in across all subscription types on self-hosted solutions..
Okay. Really helpful, Jacob, thank you. I’ll hop back in queue..
Your next question comes from the line of Koji Ikedawith with Bank of America. Your line is now open..
Hey, Jacob. Hey, Shlomi. Hey, guys. Thanks for taking the questions. I wanted to follow up on that net revenue retention color there.
And I wanted to kind of find out more on the upside in perspective, what, what needs to happen, maybe from a demand environment, or you know, the customers out there, or the way that they're consuming the product that could drive net revenue retention, higher from the low 120s, maybe back up to historical levels?.
Yes, so, of course, as you know, our expansion of our customers in the cloud environment is higher than the corporate net dollar retention.
So if we see that the trends of customer migration accelerate or the trend of customer usage optimization in cloud decelerate, that's what could create potential upside on the cloud usage, also, the adoption of our security solution for on-prem customers.
Again, as we noted in the prepared remarks, we see -- we're very happy with the engagement with our customers for the -- on the cloud side with Advanced Security capabilities. We expect to launch that for on-prem. So, the adoption of these capabilities for on-prem -- by on-prem customers will also create certain upside to our expectations.
We haven't launched yet Advanced Security on-prem, that's why it's too soon for us to tell. And that's why we kind of -- that potentially could create an upside..
And Koji, and if I may add, I think that what we see is that the cloud growth is still performing very high you could see it in the results.
What we've seen in the last few weeks of 2022 was that on-prem customers that were in the process of migrating to the cloud and improving, obviously, our net dollar retention are currently on hold pending for budget approvals. And this is part of the pipeline that was pushed. But on the same hand, they are not investing more in on-prem.
So it's kind of an in-between period for on-prem customers that already express their motivation to move to the cloud, already completed a successful proof of concept of this workload migration, but still waiting to get the final approval for budget of moving to the cloud.
And that's obviously on a bigger volume in our installed base, the on-prem current customers..
Got it. Thank you for that. And just one follow-up here if I may a question on kind of the new business assumptions thinking about the net revenue retention and the guide.
I mean, it does imply not a lot of new business, so how should we be thinking about new business as a contribution to growth in 2023?.
So, we are looking at the new business and we are adding capabilities not only capabilities, but also more deployment environment cloud and on-prem, obviously, the majority of new customers are coming through the cloud and we are very happy about that. That's a cloud first strategy that we set few years ago, and now bear fruit.
Well, listen JFrog provide a solution to the enterprise and the small, medium companies that already have a mature development environment. If you are a startup with few developers, it's not necessarily bring the value that you need at scale. So, we are very pleased with hundreds of new customers.
The new logos that we added and we are also very pleased, with those that joined us in previous years and now upgraded to the platform. So, what we see coming next is more customers, new customers joining us as they scale joining us as they move to the cloud and joining us as they need more security capabilities under one platform..
Thanks, guys. Thank you so much for taking the questions..
Your next question comes from the line of Jonathan Ruykhaver with Cantor. Your line is now open..
Yes. Hey, guys. So the profitability for fiscal 2023 much higher than expected. So that's nice to see.
But given the headwinds, that you see the macro related headwinds to topline? Are you sacrificing maybe too much on the growth side? I guess what I'm asking is what is your confidence in achieving topline growth just given the lower OpEx expand, and you're maybe something more that's occurring to the business beyond just macro? I don't know, if competition is changing, or the different approaches or maybe repository management or distribution it might be impacting the opportunity just seems like with the bullishness, you articulated around expansion of Artifactory, the security distribution that number would be going as low as you talk to?.
Yes. So we invested in the various areas over the course of last few years, and we have started to see first fruit from our investments in security capabilities. Artifactory is obviously the de facto standard in the industry and continue to be very strong brand. We also build significant infrastructure around our go-to-market and R&D capabilities.
So, we believe that the current level of investments is sufficient for us to achieve these revenue targets that we expect and that's why we can increase our bottom-line as well, because we feel comfortable in the level of investments that we've done,.
Jon, and if I may add, well you know JFrog, you follow JFrog profitability was part of our plan before the recession. And we're very happy, I'm very pleased to see that we are not just committed to this KPI, but also exceeded in performing there. And we will keep on doing that.
But your question is very important, because you're asking if this is for profitability, are we sacrificing something? And the answer is no. We actually invested in three main domains, A, cloud; B, platform; and Continue, security. This is what we've done for the past year.
And now, I think that the company is set to kind of go after the fruits of this investments that are also very much aligned with the market demand and what we hear from the market. So we will take the profitability challenge alongside going after the fruits of our investment in 2023..
Okay. That's, that's helpful. Thank you. And then the following question I have.
And I would think that this would be a positive, but just the trends you might be seeing artifacts size, container usage, Infrastructure as Code, how does those trends potentially impacted trends for artifact -- Artifactory?.
Yes, Artifactory, as Jacob mentioned, Artifactory is the standard maker in the binary and artifact management in the world.
And we are very happy to see growing and especially when new customers and large enterprise are adopting this methodology, it's kind of showing us that what we invested in is really the center of gravity for software supply chain management.
When you build on top of the database of DevOps, Artifactory, and Artifactory became the single source of record for all companies, then the capabilities that you're adding as part of the platform are just completing the customers' ability to control the full software supply chain, left and right to Artifactory.
So, we still think that the primary asset in software supply chain management is artifacts, and we're also seeing it from the customers demand and we're also seeing it from other companies that are trying to develop the same capabilities..
Okay. That's all I had. Thank you..
Your next question comes from the line of Mike Cikos with Needham. Your line is now open..
Hey, guys. Yes, Mike Cikos here and thanks for taking the questions to get me on.
I wanted to circle back to some of the earlier questions that are trying to get at what level of conservatism is baked into the guidance or how much has it been derisked? And really where I'm going with this is focused a lot, I think, Jacob in your prepared remarks and said that SaaS growth in calendar 2023 is expected to be mid-40s, as we look out over the course of the next year.
And I'm trying to just get a better feel or a sense, but can you help us think about what went into your assumptions to arrive at that mid-40s, especially as we look at the comps that you guys are up against, given the strong growth rates, you guys delivered in calendar 2022.
But anything on that sales growth in 2023 would really be beneficial from my understanding?.
Yes. So the following assumptions we'll look at when we came to this conclusion, A is that number of customers today and the overall business today on minimum annual commitments versus pay-as-you-go. Two, we'll look at the pipeline for migrations from on-prem to cloud.
And we assumed some delays as we know that we did experience some delays in the conversions in the late part of Q4, and we assume that delays, we will continue to see some delays in 2023. So we applied some conservatism on the pipeline for conversion. And we also did not embed the significant upside usage on top of minimum commitment.
So we do expect that customers will continue to optimize their cloud usage, and therefore the minimal potential upside above their annual commitments..
That's great. I really do appreciate you walking me through that. And then another question for you, I guess the follow-up here.
I forget if it was if it was Koji, but one of my colleagues had asked about what's expected for the calendar 2023 contribution from new customers? I think my question is a little bit different and probably more with respect to the existing customers here.
But if I look at the -- that total customer count, I know that we only get that on an annual basis. But in calendar 2022, it grew 8% year-to-year versus growing 10% in calendar 2021. But calendar 2021 would have been 13%, if I strip out the customers that churn because you guys some set a couple of products.
And so the question that I have is, if the customer base is growing at a slower rate, how is that impacting ability or you're forecasting here, when you're thinking about the ability to continue to grow that existing customers, if those customers aren't growing at a rapid clip as they had been in previous years?.
Yes, Mike, I'll take this question, and thank you. Well, first of all, in the past three years, we added 2,000, new logos to JFrog portfolio. We are also happy with the fact that our cloud first strategy, navigate more and more new customers to join JFrog in the cloud first and not migrating later.
And the third thing, we are adding capabilities, and we see a growing ASP from the lending point. So our entry level prices is higher. There are more adoption of new capabilities. And still, when you add hundreds of customers a year and thousands since we start building the platform with you guys watching it, I see the growth as we expected.
And please remember the answer to Koji. These are mature companies that need a serious software supply chain coverage, meaning that they are ready to scale. And they are not in the proof-of-concept of adopting a software supply chain solution. So we build for scalability. And we build a comprehensive solution that comes as one platform to enable that.
This is one of the reasons that we also see a higher ASP on the lending point..
Terrific. Thank you guys..
Your next question comes from the line of Ittai Kidron with Oppenheimer. Your line is now open..
Thanks, guys. A couple of things for me, Shlomi on the macro front and the elongation of the cell cycles.
Couple of things on there, first of all, was January worse than December, the same if you can talk about that? And then second related to that, is there any more color you can give us on regions North America, Europe, Asia, or type of customer enterprise commercial?.
Yes. Thank you, Ittai. So it's too early for me to speak about January. But I can tell you that what we've seen in December and specifically, in the last week of the previous quarter, is kind of a pattern that we keep on seeing. And this is why we took it into consideration when we bought actively set it our outlook.
We see that difference between geographies not just because of the geopolitical situation in Europe, but some differences between geographies in how they adapt software supply chain and how they adopt cloud.
So obviously, North America is leading with cloud migration with the big legacy industry vectors start to move to the public cloud, we see EMEA following, but in a slower pace and APAC is really at the beginning of adopting platform solutions, they are still at the basics of DevOps.
The second thing that we see is that security, especially in North America, and more specifically, software supply chain security, after the White House lounge should be saying that this is part of the regulation is part of every CIO agenda for 2023.
And this is why we were very focused on having JFrog Advanced Security for 2023 and not later this year. So, I assume that we will keep seeing this trend, elongated process more sea level signups we will see this. But alongside that, in North America, cloud growth will still happen. And security will still be top in line of the CIO and the CISOs list..
Okay. And then maybe following up on Security and Advanced Security more specifically, can you clarify the pricing changes related to advanced security? I mean, you had Xray before.
So the introduction of Advanced Security did what to pricing? How did that affect your pricing scheme and how customers buy it?.
Yes. So Xray, as you remember, Xray is a tool that protects Artifactory. You have Artifactory is your single source of truth. And then Xray sits on top of it to make sure that your binary repository is protected. What we have done with JFrog Advanced Security is we added capability that protect you from left and right to Artifactory.
Left means how you protect your static code analysis, how you protect your source code, how you protect your development environment, right mean, how you protect your runtime environment, container security, secret detection and contextual analysis.
So basically, JFrog Advanced Security is, is the price on top of the current subscription that focuses on security for the pool software supply chain. Xray is part of the current subscription, which protect your Artifactory.
Now speaking of left and right Artifactory, we are looking at power spend of over a billion dollar left to Artifactory developers security and around $4 billion on the right to Artifactory, which is more on time and production environments. So we are very excited about what JFrog Advanced Security can bring in addition to our business..
Okay. So just to clarify that they're slowly I think you mentioned that the prepared remarks are Jacob, I don't remember that. About 40% of customers already have Advanced Security. So, we've in a quarter two, already, almost half of your customers are paying extra for this or it just seems such a rapid adoption of an incremental paid solution yet.
Your numbers didn't move into material kind of a way to suggest that deed has any meaningful impact helped me reconcile the two?.
Yes, I think that what we said is that 40% of our customers already have Xray. This is not Advanced Security..
Got it..
Advanced Security is on top of that, and requires an upgrade to a more superior subscription..
Got it. And how what percent of your customers have that/.
We are just in the very early beginnings. We launched JFrog Advanced Security few weeks ago. And in the next few weeks, we are going to introduce JFrog Advanced Security for on-prem customers. So we are in the very early beginning. And we hope to see that all the extra users will also upgrade to use JFrog Advanced Security..
Appreciate it. Thank you so much..
Your next question comes from the line of Michael Turits with KeyBanc. Your line is now open..
Hey, guys. Thanks. So macro question first. So some of these trends in cloud optimization and floor migrations were already taking place last quarter, you can see that in the hyper scalar numbers and other places.
But you and other people in what's called cloud native development had strong quarters in third quarter and didn't seem to be seeing that impact.
So, so what's changed? It's just it's one quarter further into that optimization, or are we actually seeing more new software development projects may be cancelled, slowed down or less developers hired, is that the change from last quarter to this quarter?.
Yes. What we're seeing is more pronounced optimization of the cloud, cloud usage. And also somewhat delay in the cutover migration to cloud where some, some customers put on hold they migration spending, additional approvals, from sea level while they stopped already investing into expansion of their own self hosted solutions..
Right. Yes.
Explain that when I'm trying to get at is whether or not new development projects are slowing in a meaningful way and if that's changed from last quarter?.
Yes, I'll say that we Michael, if you run an on-prem environment, and you already have the strategic approval to move to the public cloud, what we see now is that you're holding and that's, that's a very big chunk of the migration process pipeline that we had.
The second thing was that cloud, especially at the end of the last quarter, what we've seen is that maybe it's because of the year end, maybe because of budget reasons, reasons. But we've seen our cloud users go and optimize the cloud usage, both in storage and data transfer.
And the last thing is that there are some hybrid users that are now deploying less funds in the on-prem, and not yet deploying more funds in the cloud, we had more conversation with sea levels than ever before that are waiting for final bite budget approval. So the main change that we've seen between the end of last quarter today is around that..
Okay, I'll just keep it at that one since we're at the top of the hour. Thanks..
Your next question comes from the line of Rob Owens with Piper Sandler. Your line is now open..
Thanks for taking my question. This is Ethan on for Rob. I just wanted to kind of ask a little bit more on the IoT opportunity. I know there's some mention of that the prepared remarks and kind of where the market that we're at right now.
Are you seeing customers coming to you actively seeking this out? Are you still kind of in an education part of the cycle right now where you're helping customers understand that you have this capability and that you're able to provide them with this type of automated release deployment with software? Thank you..
Yes. Thank you, Rob, for this question. As you remember, in Q3, we reported a one big project that already adopted JFrog Connect. The IoT over-the-air update mechanism we now have in pipe, few other projects coming from very big customers that want to extend the Artifactory and security usage all the way to the connected devices.
We are excited about that. That part of the solution that we wanted to see an end to end all the way to the device, and it's still happening..
Thank you. That's it for me..
There are no further questions at this time. I turn the call back to Shlomi for closing remarks..
I'd like to thank you all for your attendance today and looking forward to staying in touch. Thank you everyone..
This concludes today's call. Thank you for attending. You may now disconnect..