JFrog Ltd. (FROG) Q4 2025 Earnings Report, Transcript and Summary

Ladies and gentlemen, thank you for joining us, and welcome to the JFrog Fourth Quarter and Fiscal Year 2025 Financial Results Call. [Operator Instructions] I will now hand the conference over to Jeffrey Schreiner, Head of Investor Relations. Jeffrey, please go ahead.

Thank you, Nicole. Good afternoon, and thank you for joining us as we review JFrog's Fourth Quarter and Fiscal Year 2025 financial results, which were announced following the market close today via a press release. Leading the call today will be JFrog's CEO and Co-Founder, Shlomi Ben Haim; and Ed Grabscheid, JFrog's CFO. During this call, we may make statements related to our business that are forward-looking under federal securities laws and are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements related to our future financial performance and including our outlook for the first quarter and full year of 2026. The words anticipate, believe, continue, estimate, expect, intend, will and similar expressions are intended to identify forward-looking statements or similar indications of future expectations. You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today and not as of any subsequent date. Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from expectations. For a discussion of material risks and other important factors that could affect our actual results, please refer to our Form 10-Q for the quarter ended September 30, 2025, which is available on the Investor Relations section of our website in the earnings press release issued earlier today. Additional information will be made available in our Form 10-K for the year ended December 31, 2025, to be filed with the SEC on February 13, 2026; and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as a measure of JFrog's performance should be considered in addition to, not as a substitute for or in isolation from GAAP measures. Please refer to the table in our earnings release for a reconciliation of those measures to the most directly comparable GAAP financial measures. A replay of this call will be available on the JFrog Investor Relations website for a limited time. With that, I'd like to turn the call over to JFrog's CEO, Shlomi Ben Haim. Shlomi?

Thank you, Jeff. Good afternoon, and thank you for joining our call. 2025 was a remarkable year for the Frogs. We didn't just fire on all cylinders, we set the pace. JFrog paved the way for securing and managing the software supply chain in the area of AI, expanded our product portfolio, innovated at a faster pace than ever before and built deep partnerships with the world's leading companies to strengthen our value to enterprise customers. We delivered quarter after quarter, exceeding our commitments and pairing solid growth and expansion with strong business discipline and operational efficiency. This is what strategy-focused execution and shared belief look like. And it's what makes this journey special for us. On today's call, Ed and I will walk you through our fiscal year 2025 results in more detail, share our fourth quarter performance and discuss our outlook and guidance for 2026. In fiscal year 2025, JFrog's total revenue was $531.8 million, up 24% year-over-year. Cloud revenue for 2025 was $243.3 million, representing 45% year-over-year growth. In Q4, greater than $1 million customers grew to 74 compared to 52 in the year-ago period, equaling 42% year-over-year growth. Customers spending more than $100,000 annually, grew to 1,168 compared to 1018 in the year-ago period, equaling 15% year-over-year growth. These strong consistent results reflect our alignment with modern enterprise market needs as software continues to transform how the world operates. JFrog's 2025 performance highlights a clear trend. As human developers and AI agents generate software at a massive scale, the resulting surge in binaries demands a trusted platform to manage, secure and govern them end to end. This reinforces JFrog's leadership as the foundational infrastructure for software delivery in an agent-driven world. Now I will discuss our success in Q4 in security, cloud and AI. Security first. In 2023, we set out to support our customers by giving them a complete chain of cyber trust from code creation to production. When we launched JFrog Advanced Security and JFrog Curation, we evolved rapidly from securing artifacts within JFrog Artifactory with JFrog Xray to offering end-to-end trust and governance. JFrog has now has established itself as a complete system of record for software supply chain security that protects companies binaries, software packages and AI models even before software enters the organization. We strategically challenged the security point solution market by unifying security and DevOps on a single platform built on one source of truth. We believe that's the only scalable way to protect our customers' software supply chain. The pain was real, the threat was growing, and our results in 2025 reaffirm that this approach was the right one. In today's AI-driven software environment, that source of truth becomes mission-critical. Organizations need a secure center of gravity and the foundational platform that stores, manages and governs all artifacts where they're created by humans or machines. Against this backdrop, we will continue to build JFrog as the system of record, the single source of truth that all developers and code agents rely on to securely manage and govern every binary and AI artifact in the software supply chain. Just as we reported, strong early results for JFrog Security in 2024, our 2025 annual reporting reflects another year of significant momentum and success of our security solutions. In 2025, JFrog Security Core products, excluding contributions from JFrog Xray, became an even more meaningful growth engine for the company. As of December 31, 2025, JFrog Advanced Security and JFrog Curation comprise over 10% of our total ARR. This past year, we built on strong RPO growth momentum, driven by increased cloud usage, DevOps adoption and our Security Core products. We are pleased to report that in 2025, JFrog Security represented 16% of our ending RPO compared to 12% in the prior year and nearly doubled long-term revenue commitments. This growth highlights not only the rapid adoption of JFrog Advanced Security, JFrog Curation or both by hundreds of our customers, but also the broad opportunity ahead to provide value to the thousands of existing enterprise customers over time. JFrog Security Solutions tightly coupled with JFrog Artifactory, enabled end-to-end software supply chain protection and are now offered as a bundle add-on with our enterprise subscriptions, increasing ASP, expansion in cloud usage and triggering multiyear commitments. This approach resulted in tangible growth for JFrog. [ Cohort ] indicates that customers adding JFrog Security drove a strong account expansion, with growth extending beyond security and into broad product portfolio usage. We are pleased with our financial performance and the execution of our enterprise go-to-market teams. Our security, RPO and pipeline numbers show strong momentum carrying into 2026. Our success in security also reflects the deep alignment with the evolving threat landscape. Attackers are increasingly targeting the software supply chain through software packages. Our customers and community described the recent Shai-Hulud npm incident as a mega attack on software supply chain, exposing millions of JavaScript developers echoing the impact of Log4j, PyPI and other recent security events. JFrog customers using JFrog Curation as the firewall remained protected. From the world's leading enterprises with tens of thousands of developers to a small development shop, JFrog Curation enforce policies, secured the software supply chain and prevented business impact. Expanding our security offerings in 2025, we also announced the availability of AI catalog and agentic remediation capabilities to address emerging challenges created by the introduction of AI models and agent-generated code into the software supply chain. JFrog is the mission-critical infrastructure of the company's primary software assets, the binaries. As more code is generated by human developers and AI coding agents, a tsunami of binaries is being created. More binaries, artifacts and model lead to a greater need for trusted infrastructure that manages secure and govern the software supply chain at scale. We anticipate these growing needs will drive sustained customer adoption of our holistic security solutions through 2026. Second, cloud. As we noted earlier on the call, 2025 was a year of high-quality sustained growth in our cloud business. We delivered 45% year-over-year growth while remaining highly disciplined in usage management and continuing to migrate customers toward annual commitments. In addition, we drove a higher volume of security deals in the cloud, strong new logo wins and deeper marketplace partnerships. During the year, we strengthened our partnerships with all major cloud providers, improved our commercial terms and established a stronger long-term gross margin strategy. Our cloud momentum was also supported by focused investments in service performance and availability. The continued build-out of our global SRE organization enhanced sales incentives and the consumption-based pricing model aligned with the market standards. Customer purchasing decisions changed in 2025 as CIOs were less focus on mega cloud migration initiatives and instead, increasingly emphasize building fit-to-purpose, hybrid and multi-cloud architectures as they adopted new AI solutions. Looking ahead, we see trends that we believe will continue to mature. First, clarity. While cloud remains the preferred deployment environment, CIOs are seeking greater clarity, cost predictability and ROI as they assess the full impact of AI adoption at scale. along with the evolving security and regulatory requirements that comes with it. As AI adoption matures and clarity improves, we anticipate CIOs will increase investments in cloud infrastructures. Second, AI-driven software package ecosystem, such as PyPI, Hugging Face, NPM, Conda or Docker are driving consumption spikes from both developers and AI agents, in some cases, going beyond customers' commitments. This has the potential to be a tailwind for JFrog, and we expect customers to align commitments once usage patterns stabilize. We will continue to provide guidance based on customers' annual commitment and proactively derisk exposures to volatile usage-driven and sizable deals. Our go-to-market strategy will remain focused on converting usage overages into annual commitments. Looking ahead, we believe that in 2026, we will continue to deliver durable growth in the cloud. Finally, I will address AI and MLOps. In 2025, we strategically built the foundation of JFrog ML as part of our platform to deliver the capabilities enterprises will increasingly require to automate speed, trust and control across the modern life cycle. At the same time, we introduced advanced functionality and integrations that extend beyond traditional B2B workflows into the emerging business-to-agent market. We released JFrog's MCP server as a core integration layer, enabling AI agents and LLMs to securely interact with the JFrog platform. We introduced the JFrog AI catalog for model discovery and governance, extending the platform to manage AI and ML models like other software packages. We also announced agent-based security and remediation, leveraging agent capabilities to drive detection and automated recovery. To strengthen our position as a system of record for all AI artifacts, we partnered with NVIDIA Enterprise AI Factory to serve as its secure NIM model and artifact registry while also partnering with Hugging Face to secure the world's leading open-source hub for models supporting trusted enterprise consumption of AI. Looking into 2026, our roadmap includes capabilities designed to expand our growth and to support JFrog's users needs, whether human machines or hybrid engineering teams of developers and AI agents. These expanding use cases represents a significant opportunity for JFrog. The market is experiencing a tsunami of binaries accelerating by AI. JFrog was built from day 1 to handle exactly this asset at this scale. And we are focused and fully committed to providing the infrastructure modern software organizations need to confidently embrace the AI-driven revolution. With that, I'll turn the call over to our CFO, Ed Grabscheid, with an in-depth recap of Q4 and 2025 fiscal year financial results as well as our updated outlook for Q1 and the fiscal year of 2026. Ed?

Thank you, Shlomi, and good afternoon, everyone. We are very pleased by the results of the fourth quarter, exceeding the high end of the range on every metric we guided for the quarter. It was a strong finish to an outstanding year, highlighting our consistent execution, operational discipline and durable business model. During the fourth quarter of 2025, total revenues equaled $145.3 million, up 25% year-over-year. For fiscal year 2025, total revenues were $531.8 million, up 24% year-over-year. Fourth quarter cloud revenues grew to $70.2 million, up 42% year-over-year and represented 48% of total revenues versus 43% in the prior year. Our growth in the cloud was driven by customers expanding annual commitments and increasing demand for JFrog Security Core as ongoing NPM incidents during the quarter accelerated customer adoption. For the full year 2025, cloud revenues equaled $243.3 million, up 45% year-over-year. Full-year cloud revenues equaled 46% of total revenues versus 39% in the prior year. During the fourth quarter, our self-managed or on-prem revenues were $75.1 million, with full year 2025 equaling $288.5 million or up 11% year-over-year. Aligned with our strategy, we continue to proactively engage our on-prem customers to migrate DevSecOps workloads to our cloud or explorer solutions better align with their specific use cases. including hybrid and fit-for-purpose deployments. We experienced another year of strong customer adoption of the complete JFrog platform, driven by customers looking to consolidate their technology stack and secure their software supply chain. In Q4, 57% of total revenues came from Enterprise Plus subscriptions, up from 54% in the prior year, while delivering year-over-year revenue growth of 33%. Driven by the ongoing execution of our enterprise go-to-market strategy and broader customer adoption of the JFrog platform, revenue contributions from Enterprise Plus subscriptions grew 36% year-over-year in 2025. Our Security Core products, which exclude any benefit from JFrog Xray, continue to gain momentum as customers actively consolidate point solutions. For the full year of 2025, Security Core revenue was 7% of total revenues, with our Security Core products now comprising more than 10% of our ending total ARR. Driven by an increasing number of large multiyear commitments to JFrog, our Security Core represented 16% of remaining performance obligation, or RPO, as of December 31, 2025, compared to 12% in the prior year. Net dollar retention for the four trailing quarters was 119%, an increase of 1 percentage point from the prior quarter, highlighting the continued adoption of our Security Core products and increased cloud data consumption, resulting in higher customer commitments. We continue to demonstrate that our customers view JFrog solutions as mission-critical to their software supply chain with gross retention that equaled 97% as of the fourth quarter of 2025. Our customer count in fiscal year 2025 equaled approximately 6,600. During the year, we continued to execute on our strategy, focusing on our go-to-market initiatives around the enterprise. We further matured our approach by refining our customer logo methodology to eliminate friction for our customers and sales teams. This resulted in the consolidation of approximately 300 lower ASP subsidiaries into their parent entity. Our team also prioritized new customer acquisition, specifically targeting opportunities that land with higher value and greater expansion durability. Now I'll review the income statement in more detail. Gross profit in the quarter was $121.6 million, representing a gross margin of 83.7% versus 83.2% in the year-ago period. We remain focused on cloud hosting cost optimization as we anticipate a larger share of our revenues being generated from the cloud. Given our expected increase in cloud revenue contribution to total revenue, we estimate annual gross margins to be in the range of 82% and 83% in 2026. Operating expenses in the fourth quarter were $95.8 million, equaling 66% of revenues. This compares to $75.6 million or 65% of revenues in the year-ago period. We remain focused on expense discipline while we continue to invest in strategic initiatives. Our operating profit in Q4 was $25.7 million or an operating margin of 17.7% compared to $20.9 million, an 18% operating margin in the fourth quarter of 2024. For the full year 2025, we delivered non-GAAP earnings per share of $0.82, a 26% increase year-over-year, assuming approximately 122 million weighted average diluted shares. This compares to $0.65 in the prior year and 115 million weighted average diluted shares. Cash flow from operations equaled $50.7 million in the fourth quarter. After taking into consideration CapEx requirements, our free cash flow reached $49.9 million or 34% margin compared to $48.4 million and 42% margin in the year ago period. For the full year 2025, we generated $145.7 million in operating cash flow and $142.2 million in free cash flow, a 27% margin. Now turning to the balance sheet. We ended 2025 with $704 million in cash and short-term investments compared to $522 million at the end of 2024. As of December 31, 2025, our RPO totaled $566 million, a 40% increase year-over-year. This performance highlights the successful execution of our go-to-market strategy as customers continue to make larger multiyear commitments to our DevSecOps offering. And now let's turn to our outlook and guidance for the first quarter and full year of 2026. As we enter 2026, we are encouraged by the strength in our pipeline and a stabilized purchasing environment. While we are monitoring the increased cloud usage and early AI workload trends that could result in a tailwind for JFrog, our guidance philosophy will remain unchanged as we continue to derisk our largest deals due to timing uncertainties and any benefit from cloud usage above contractual commitments. Our outlook reflects growing contributions from our JFrog Security Core products, ongoing adoption of our full platform and cloud growth driven from higher annual customer commitments. We estimate full year 2026 baseline cloud growth to be in the range of 30% to 32%. Given the anticipated contribution from our security core and baseline and cloud growth assumptions, we expect our net dollar retention rate to be 117% for 2026. Turning to operating expenses. We will remain focused on investing in innovation across our platform and reinforcing JFrog's role as a system of record for all binaries and AI models. The weakening U.S. dollar against global currencies has created a year-over-year headwind for our operating expenses and is reflected in our operating profit guidance. We remain committed to a disciplined spending philosophy and are confident in our ability to manage expenses in line with prior execution. For Q1, we anticipate revenues to be in the range of $146 million and $148 million, with non-GAAP operating profit anticipated to be between $25 million and $26 million and non-GAAP earnings per diluted share of $0.20 to $0.22, assuming a share count of approximately 127 million shares. For the full year of 2026, we anticipate a revenue range of $623 million to $628 million, representing 17.5% year-over-year growth at the midpoint. Non-GAAP operating income is expected to be between $106 million and $108 million and non-GAAP diluted earnings per share of $0.88 to $0.92, assuming a share count of approximately 128 million shares. Now I'll turn the call back to Shlomi for some closing remarks before we take your questions.

Thank you, Ed. In today's market, nearly every company is looking to capitalize on AI. But in 2025, when the world's leading AI native company selected JFrog as the core infrastructure for the software supply chain, it was clear validation of our strategy. They became JFrog customers, not only for our industry-leading platform, but because we have become the trusted system of record for binaries, the foundational asset powering modern software delivery. The adoption of our platform indicates that our roadmap is strongly aligned with where the industry is headed. As [ by ] engineering and coding agents accelerate software creation enterprises are facing a massive surge of binaries that must be managed, automated, secured and governed across the software supply chain. This dynamic clearly differentiates JFrog as the trusted enterprise platform in the age of AI. 2025 is now in the rearview and I'm proud to say that what we committed to our partners, customers and shareholders was consistently delivered. Despite significant macroeconomic and geopolitical challenges the JFrog team rose to new heights. This period has also carried deep personal weight for many in our Israeli team. After years of pain, finally, all hostages are back at home. We move forward with renewed hope for peace, stability and a better future for the region and the world. To my Frogs, thank you. 2025 was a challenging year of uncertainty, yet a remarkable one for us. You didn't just live through it, you won it. And for that, I'm proud and grateful. As we step into 2026, we remain committed to quality growth, responsible investments, expanding our solutions to meet emerging needs and bringing us all on lip closer to realizing our liquid software vision, a world where every software flow is effortless. And with that, thank you for joining our call and may the Frog be with you. Operator, we are now open to take questions.

[Operator Instructions] Your first question comes from the line of Sanjit Singh with Morgan Stanley.

This is Oscar Saavedra on for Sanjit. Thank you for taking my question and congrats on the great results. Really nice to see the continued growth on the cloud. I wanted to touch maybe on the customer count. I understand the intentionality of you're focusing more on the higher propensity to spend, larger customers, and we see that on the 100,000 customer add. But how should we think about that going forward? And how far along we are in that transition? Should we continue to expect that count to come down while the larger customers go up? Any additional color there would be helpful.

Yes. Thank you. This is Shlomi. I'll take this first question. So we are focused on our strategy, building for the enterprise, as we said 3 years ago. And you can see the results on the customers over $1 million, the significant growth of there. You can see the results on the customers that are spending over $100,000 R&D and the increasing spending over there. This is our strategy. This is where our go-to-market is focused on. And sometimes, it means that we will have to let go to low-ASP customers and to be focused on our customers. We also noted that we've made our internal consolidation to avoid friction in our go-to-market team and to focus our team on the big enterprise opportunities. And that by itself was at approximately 300 logos. And also, I should note that this includes the geographies regulation like churn in China, Russia and other regulatory decisions. So we are very pleased with the stability and the growth. But more important than that, the fact that the customers that we brought in, hundreds of new customers that we brought into our portfolio are spending much more on ASP growing faster and adopting not just DevOps, but also DevOps Security and other services in the cloud. So in the bottom line, it's very much aligned with our strategy and reflects our commitment as we enter the year.

Your next question comes from the line of Radi Sultan with UBS.

My question is for Shlomi. Like it seems like every quarter we're seeing another security incident, you had the NPM attacks. And Q3 and Q4, you mentioned another one. I mean, are these becoming less like onetime events and more just like structural growth drivers? Like are we just permanently in a higher-threat environment and maybe we should be penciling in a more consistent contribution from these types of incidents going forward? Or how should we think about sort of the long-term contribution from just the higher-threat environment we're in today?

Radi, this is a great call out of what's happening today. There are more and more attacks over the software supply chain. Attacking the software supply chain by hackers means that they are going after the software packages, the binaries. It started 3 years ago, this trend with Log4j, then python, then and now NPM and Shai-Hulud in three different incidents. Every customer, every enterprise, every software organization understand now that software supply chain is not protected if the software packages if the binaries are not protected. Now putting aside this threat that is kind of floating over every company now, code agents become far more faster in how they create code and therefore, create more binaries, using more open source software packages. So this threat and this trend is something that we anticipate that will only grow. And therefore, we build our JFrog security suite to tackle this threat.

Your next question comes from the line of Michael Cikos with Needham.

Some very encouraging data points and appreciate especially the RPO growth and ARR contribution when thinking about security as far as demonstrating that this truly is a platform and the attach you're seeing. One of the things I wanted to come back to, and we've been feeling on our side, with the heightened threat environment and some of these hacks, which unfortunately feel a little bit more commonplace now, is there a general rule of thumb where we would be able to draw parallels between a hack of the NPM size would -- what that would equate to in revenue. Is there any broad parallels we could draw from? Or is it really just happenstance, depending on what part of the ecosystem is being hacked? Anything there would be beneficial.

Thank you, Mike. It's Shlomi. I'll take this one. The only responsible way to look at the potential revenue growth is to look at the amount of enterprise customers in our portfolio that still didn't adopt the JFrog security. And while we are growing by 100 every year and the ASP is kind of growing significantly, there is still a lot of room to grow within our portfolio. JFrog Curation, in the last two quarters, is exploding mainly because of the fact that the threat is real, the scale is required and you have to move fast. And big companies are not taking any risks, especially in today's changing environment. The second thing that I should note, Mike, is that most of our new enterprise lenders, what I referred to before when we spoke about the new logos, are already adopting JFrog platform with security. So there are three avenues of growth. Number one, customers that are still not using JFrog security and will, hopefully. Number two is with new logos that are joining enterprise logos. Again, we are not buying logos. We are going after the enterprise logos that are subscribing from the get-go with security. And number three is the number of projects and the scale within the companies that already adopted JFrog Security, and we still have room to go over there.

Your next question comes from the line of Miller Jump with Truist.

I'll echo my congrats for the acceleration this year. So Shlomi, I wanted to come back to your comment about the tsunami of binaries accelerated by AI. For the customers that have increased their commitments, are you still seeing them grow and consume beyond these re-up commitment levels? And can you give any more color around the consumption change for customers that have leaned into coding agent deployments versus the broader customer base?

Great question, Miller. This is going to grow, and we call it tsunami because this is what we see. When we are reviewing the data on a weekly basis, we see how much more software artifacts are being created, how many binaries are being compiled. And that's mainly because of the fact that every developer now became a super developer. And we hear how well the code agents are doing the Anthropic, the Open AI, the Gemini AI. These agents are faster than developers. They are powering developers and therefore, creating more binaries. When you create more binaries, you need a single source of truth to go to whether you are an agent or a developer. And this is where JFrog into the picture, to secure, to govern, to build a trusted software supply chain for you and for your agents. So think about the number of developers, call it, millions of developers in the world today, powered by millions of agents and therefore, the result would be many more binaries. And hopefully, we will see it also in the scale of JFrog.

Your next question comes from the line of Mark Cash with Raymond James.

Yes. I think just on me, if I could ask, with all the [ code gen ] tools, we're just kind of talking about there, creating more software, you have new bottlenecks emerging in the software pipeline, so just kind of curious if you're thinking about AppTrust in 2026 being maybe the next catalyst to alleviate governance and regulatory pressure in adopting AI agentic tools organizations are going through right now?

Most of the very important highlights of our roadmap throughout the year since we established JFrog, came from a real enterprise need. And our customers told us last year, "Listen, we are faster now with DevOps and we are more secured with DevSecOps. But there is a new bottleneck, which is governance, and this is going to be even more painful when it's not only humans that are building code and compile to binaries, but also agents." So AppTrust is tackling that exactly. We are addressing this pain of automated governance with all the evidence, again, storing JFrog Artifactory is a system of record. And whether this code was generated by a developer or by a code agent the governance and the regulation before the binary go to production will come out from a single source of tools, and this is what AppTrust is addressing to solve.

Your next question comes from the line of [ Zane Meehan ] with KeyBanc Capital Markets.

I'm on for Jason Celino today. I wanted to ask about your AI native customers. In the past, you've talked about having three of the top 5 AI natives, which is obviously great. But for the other two or maybe any of the adjacent players that aren't using JFrog, what would they be using? And how confident are you that you can eventually win them as well?

This is -- every company now want to call it an AI-native company. When I'm speaking about the big players, I'm speaking about those that are moving the market and calling the trend and setting the standard. And they chose JFrog to be their power grid, to be the solution that will run their software supply chain. They build around Artifactory as their system of record, and they are using JFrog Xray to scan that and to collaborate and integrate with the ecosystem. The other two, I don't know if it's two or more. I don't know what they are using. But from what we hear, some of them are evaluating tools and some of them are building their own tools. Slowly, as we are going over release that our go-to-market team built together throughout the year, we're bringing them one by one. So I hope that every quarter, I will report another one that chose JFrog not only as a partner or an ecosystem player but also as a customer.

Your next question comes from the line of Kingsley Crane with Canaccord.

Shlomi, you've had JFrog Fly in beta a bit now. You've had MCP server integrations out for a bit now. I'm just curious, what kinds of usage trends you're seeing with either [ Fly ] or the MCP server and just what that tells you about how customers workflows are changing and then how you're positioning around that?

Yes. Well, this is, Kingsley, a very important move that we've done during the year we understand, and I call it out on the script, we understand that the business to business is how we build JFrog so far. In the future, it will be a business to agent market. And if I want agents to become my person of my customers, then I need to give them access to interact with my platform. This is where the MCP server comes in. But it's even greater than that. MCP itself is also a binary. So we start to see more and more of our customers using JFrog Artifactory, as the single source of tools for all MCPs in the market. So it's not only that agents will use JFrog as the blessed kind of area to pick up binaries from, but also other players will use JFrog to place their MCP servers in. Now if you do that, if people work with one system of record, then consistency happens, secured solution governed software supply chain before the release production is important. And with the MCP server, agents can now interact with the JFrog platform as well.

Your next question comes from the line of Brian Essex with JPMorgan.

Maybe one for Ed. A bit of an acceleration in both sales and marketing and R&D in the quarter. Would love to get maybe a framework of how you're thinking about investment on both sides of those, and how you expect that to materialize through fiscal '26? And maybe as part of that, maybe if we get the FX impact both for the quarter as well as what you're thinking about contemplating in your guidance.

Sure. Let me first start with Q4 in the sales and marketing. What you're seeing is end of the year bonuses that flow through in our expenses, and that's what's actually happening there in Q4. But as we step forward into 2026, the reason we called out the weakening U.S. dollar, as you know, more than 50% of our headcount is distributed globally. So we wanted to call that out. We have a very strong hedging program. So most of that risk is already covered and it's captured in our operating margin guide already. We also have a very disciplined operational execution in terms of maintaining expenses. So we continue to invest, but we continue to make sure we're doing it smart. Anything that we see in terms of the potential outperformance on the top line, we would still consider a meaningful portion of that to flow into operating margins.

Your next question comes from the line of Shrenik Kothari with Baird.

Thanks a lot. Apologies for my bad voice. But just beyond the foundational models that you touched upon, we are now a secure model registry for NVIDIA AI Factory, for Hugging Face, arguably two of the most strategic on-ramps to model consumption. Just curious, Shlomi, how are these top-down partnerships driving new logos for you, number one? And two, when it comes to monetizing this unique position, where are they on the adoption curve for "the additive [ lives ]" that you've described in terms of AI catalog adoption then AppTrust and a chance to remediation?

Yes, Shrenik, we managed to expand our platform so successfully with security and with MLOps and with DevOps and distribution that every time that we have another partnership powering the community, it's kind of spread across all of these elements of the platform. Specifically with NVIDIA, beyond the fact that it validates JFrog as the single source of tooth for all AI tools and for models, it's also aiming to the enterprise, as we mentioned before. This is our strategy. NVIDIA is being used by the enterprise. They are selling GPUs. We are providing them with a secured area for models interaction. And this supports the enterprise. Hugging Face, however, is a different scenario. Hugging Face can be a top of funnel for JFrog because it's the open-source hub, but it's also support most of our customers that are using Hugging Face as a local repository for the models that they bring from outside. So they will have a secured environment. Now when we are looking forward into 2026, the two integrated to fail philosophy is something that we are not only collecting feedback from the market of what they would like to see, but also how can we serve them better not just the human developers but also the agents. How can we serve better in Anthropic Opus 4.6? How can we serve better an open AI agent? Because these are the new tools that are now using JFrog as their system of [ eco ].

Your next question comes from the line of Ittai Kidron with Oppenheimer.

Congrats guys. Real nice solid finish for the year. I guess I got a couple of questions, one for each of you, for you, Ed. Nice to see the progress there on the security, and I appreciate the disclosure there. If one would do a back of the envelope and strip out your security out of your business, what would that imply that the core business, excluding security is growing? Is there acceleration there, leveling off deceleration? Any color there would be great. And then for you, Shlomi, I would love to think about '26. What, from your perspective, are the greatest risks to your business right now? And maybe clearly, with what's going on in the world right now in the context of AI and how they could potentially do everything, including our laundry; I guess my question is to you, in what way do you view -- in what way could AI be a risk to your business?

I'll start here, and then Shlomi can finish. We gave you the results at the end of the year for the revenue contribution that's coming from security. And it's still a relatively small piece in terms of that contribution to the top line. We go to the market as a platform, selling together both Artifactory and Security together. So we don't want to carve that out. The results that we show you on the top line were impressive. That included security. We're very happy with the direction that it's going. The sales team are instructed to sell together the solution and the offering, which we believe when you go to the market together with Artifactory in security, you secure your software supply chain at scale, what is needed for today's customer.

Yes. I'll answer the risk question, Ittai. It we are all standing at the edge of a cliff. Some people will tell you that we are going into a world of productivity. You mentioned laundry. Some people gave us other examples. And some people will tell you that we are all going to be replaced by robots. I think that for the business, and this is my job as the CEO, is to make sure that we are focused, that JFrog is differentiated and bring value to our enterprise customers. And what we see now is that we keep building for the future with them. Just a few days ago, Elon Musk tweeted that code is going to be replaced, the only outcome will be binary. It's reinforces again what we keep saying for the last 15 years, binary is the primary asset, this is where we should be focused. And my biggest risk is that I will get confused and start to follow trends and not serve my enterprise with what we do best, being the system of record.

Your next question comes from the line of Jason Ader with William Blair.

I hope I could speak two in as well. One quick one for Ed. One for Shlomi. For Ed, trying to understand the $800 million FY '27 revenue target, is that just kind of aspirational at this point just because it would require a pretty massive revenue acceleration in '27? And then for Shlomi, I know you guys priced Artifactory on capacity. So it should logically follow that the tsunami binaries that you called out should accelerate growth in your core solution. Are we seeing that at all yet? Or is that still to come? And when do you think that could come?

Mike -- Jason, I'm sorry, I'll start with the question regarding the $800 million on the long-term model. Listen, at the end of the day, we're focused on delivering and executing in 2026. That's what we're guiding to at this point. When we look at the results over the last 3 years, we're on track with that number. It does not reflect our conservative or responsible guidance philosophy, but the focus right now is on delivering in 2026.

I'll take it from here and speaking about conservatism. We see, as we mentioned in the call, we see a rise on the AI-related binaries being consumed by our customers. We manage PyPI, NPM, Docker, Conda and others. But as Jason, we are not kind of promising metrics. We are being very, very disciplined with our guidance. And we commit -- when the customers commit, then we guide the market. We guide you by commitments and not by usage. So yes, we see spikes. And yes, it's an uplift to our performance. But we will not guide based on this data transfer until it will follow a customer commitment. And customer commitment usually comes when usage is stabilized and not based on trends.

Your next question comes from the line of Andrew Sherman with TD Cowen.

Great. Shlomi, has demand for Curation continue to accelerate post the second NPM attack in late November? Does this pull any deals forward into Q4? And how much is the pipeline for that up year-over-year?

Yes. So Curation, listen, we are not celebrating these attackers coming after our customers. But obviously, we benefit from it because there was a very clear value that Curation both -- Curation is a tool that is out in the market for almost 2 years, and it's mature and it was ready, and it was ready not only in terms of the risk but also in terms of the scale, not only that we performed amazingly in Q4 because of the NPM incident, but also build the pipeline moving forward, as I mentioned in the call.

Your next question comes from the line of Jonathan Ruykhaver with Cantor.

Yes. Congrats on a fantastic 2025 guys. Shlomi, I would love to hear more details around what you're seeing in terms of the potential convergence of the DevOps tool chain to address MLOps. And specifically, are they seeing the benefits of a -- or do they understand the benefits of a potential unified pipeline, particularly around security in governance? And I guess, lastly, as a part of that, just what are you seeing in terms of adoption trends for JFrog ML and your expectations for that in 2026?

Yes. JFrog ML was included in -- I think it was Q2 or Q3 this year in our platform. And some of our customers are already using JFrog ML to manage their full models life cycle. We treat model as a package model is yet another binary. So by providing them with these capabilities, we are reinforcing the fact that JFrog is the central trusted source of tooth not only for the legacy artifacts, but also to the new artifacts, which are modeled. I think that this will be evolved as the market evolves. MLOps will not stay as it used to be before the days of LLMs and what we see now is that code agents are also starting to kind of interact with the JFrog platform for any push and pull of binaries. So overall, it's growing, it's evolving. This entire landscape is changing, and we are tracking it, and we will keep you posted on it.

Your next question comes from the line of Eamon Coughlin with Barclays.

Congrats on the continued execution. I just wanted to go back to the MLOps motion and how to think about that opportunity. Can you help us understand that consumption profile, like what that would look like for an LLM maybe compared to a traditional binary? And then what makes JFrog well positioned to be the default LLM repository for these enterprises?

Yes. The MLOps solution is actually going after providing the CI/CD experience for models. It started with small models and then the world in the last year evolved and so is our tools and our platform. The idea around it in terms of consumption is that if you treat model as a binary, which it is, then we should see more data transfer and we should see more storage. I think that there is a better potential for monetizing on storage because models by definition, are bigger binaries than the others. So we see -- since our pricing model is a consumption-based model, if we drag models to use the MLOps capabilities of JFrog together with the security and the storage, you should see our consumption going high. And therefore, the commitment of the customers will go higher. And this is something that we are tracking closely and looking forward to see the results.

Your last question comes from the line of Lucky Schreiner with D.A. Davidson.

Perfect. Congrats on the strong results here. If I look at cloud revenues, they seemed a little bit maybe the more stable quarter-to-quarter this year compared to historically. Maybe just on the seasonality side, as cloud revenue becomes a bigger portion of revenue, should we expect a little bit more stable seasonality? Or is it still the same as you target large enterprises in these larger deals, no change on that front?

Well, when you think about the cloud revenue, you need to think about three different things. Our first is our guidance velocity, which we derisk for those largest deals as well as usage over minimum commitments, including emerging AI trends, that is what creates variability on a quarter-over-quarter basis, and that is excluded from there. And as you mentioned, it's also now a greater portion of our revenues. But when you think about sequential growth today, it would be linear until we start to layer in any usage if that potential continues or these large deal wins.

There are no further questions at this time. I will now turn the call back to Shlomi for closing remarks.

Thank you, everyone. 2025 was a great year. We are looking forward to 2026, and we are very excited about the changes in the market and the new players in the market that we are looking forward to collaborate with. May the frog be with you, and maybe you have a wonderful Valentine's Day.

This concludes today's call. Thank you for attending. You may now disconnect.