JFrog - Q1 2023
May 3, 2023
Transcript
Operator (participant)
Ladies and gentlemen, thank you for joining us, and welcome to JFrog's Q1 2023 earnings conference call. I'll hand the conference over today to Jeff Schreiner, VP of Investor Relations. Jeff, please go ahead.
Jeff Schreiner (VP of Investor Relations)
Good afternoon, and thank you for joining us as we review JFrog's Q1 2023 financial results, which were announced following market close today via press release. Leading the call today will be JFrog's CEO and co-founder, Shlomi Ben-Haim, and Jacob Shulman, JFrog's CFO. During this call, we may make statements related to our business that are forward-looking under federal security laws and are made pursuant to the safe harbor provision of the Private Securities Litigation Reform Act of 1995, including statements related to our future financial performance, including our outlook for Q2 and the full year of 2023. The words anticipate, believe, continue, estimate, expect, intend, will, and similar expressions are intended to identify forward-looking statements or similar indications of future expectations.
You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today and not as of any subsequent date. Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revisions to these forward-looking statements in light of new information or future events.
These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from expectations. For discussion of material risks and other important factors that could affect our actual results, please refer to our Form 10-K for the year ended December 31st, 2022, filed with the SEC on February 9th, 2023, which is available on the investor relations section of our website and the earnings press release issued earlier today.
Additional information was made available in our Form 10-Q for the quarter ended March 31, 2023, and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as measures of JFrog's performance, should be considered in addition to, not as a substitute for, or in isolation from GAAP measures. Please refer to the tables in our earnings release for a reconciliation of those measures to their most directly comparable GAAP financial measures. A replay of this call will be available on the JFrog Investor Relations website for a limited time. With that, I'd like to turn the call over to JFrog's CEO, Shlomi Ben Haim. Shlomi.
Shlomi Ben Haim (Co-Founder and CEO)
Thank you, Jeff. Good afternoon to you all, and thank you for joining the call. I'm pleased to report that JFrog's Q1 2023 revenue exceeded our prior guidance range, driven by increased cloud usage by our customers and continued adoption of the mission-critical JFrog platform, even in challenging economic environments. Our 2023 Q1 revenue was $79.8 million, reflecting 25% year-over-year growth. Our cloud usage accelerated in the quarter, delivering revenue of $25 million, increasing 49% year-over-year. Customers with ARR over $100,000 grew to 785 compared to 599 in the year ago period, increasing 31% year-over-year. Customers with ARR over $1 million increased to 21 versus 16 in the Q1 of 2022, up 31% compared to the year ago period.
Our Q1 results demonstrate strong execution in tough macroeconomic environment, highlighting the resiliency of our DevOps, cloud, and security initiatives powered by the JFrog platform. I want to address what specifically made Q1 a strong quarter for JFrog. First, while we continue to operate in challenging environments, our customers have pushed forward expanding their infrastructure with JFrog as a mission-critical piece of their software supply chain management toolkit. While some companies may be delaying or rescoping projects, we are seeing they ultimately need to move forward with high-value initiatives based on solutions like JFrog. As a result, in Q1, we did see some deals that had been pushed out from Q4 of 2022 reach the closing stage this quarter. As an example, our strategic sales team was proud to migrate our customers, Wix, to JFrog Cloud Services based on their strategic DevOps workload migration initiative.
Wix is a world leader in the cloud-based web development platform domain, providing powerful services and a vast collection of templates to millions of customers worldwide, simplifying website building for individuals and companies. In order to update their application with speed, security, and reliability, Wix realized their on-premise infrastructure would not allow for the agility and scalability they required, leading them to embrace cloud services for their DevOps pipeline. In partnership with the JFrog strategic customers team, Wix defines their software supply chain end-to-end from code to production at scale, saying, quote, "Every month, we are transferring massive amounts of data between our development teams, production environments, and our customers.
JFrog Cloud Services is a high-scale, resilient, mission-critical component of our production system, managing container images and software packages of different technologies in multiple regions with full redundancy and full tolerance for our customer-facing applications." End quote. That is Adam Spector, the VP of Engineering of Wix. He also noted, quote, "Migrating our DevOps workload to JFrog's multi-region, highly available software supply chain platform with Artifactory at the center allows our team to better support Wix's growth by providing reliable and innovative services." End quote. JFrog stands out in the DevOps and DevSecOps market by offering a hybrid and multi-cloud solution, which allows our customers to fully manage and secure their binaries across their software supply chain while migrating to the cloud at their own pace. We anticipate partnering with more companies like Wix to power strategic development initiatives at the world's most demanding enterprises.
Second, I'm pleased to say Q1 showed early indicators of growth in our partners ecosystem and the ongoing efforts to expand our co-sell and channel partner motion. For example, a large partner in Japan brought in a key win for JFrog, one of the most recognizable insurance brands in Asia via our reseller channel. In another example, a top federal partner was able to secure a net new project leading to an enterprise class full platform subscription deal in support of a United States federal agency. We continue to believe the global partner motion, in addition to our robust strategic sales and direct sales motion, will expand in 2023. Third, in Q1, despite customers taking steps to be more efficient in their cloud consumption, we saw acceleration of cloud usage in both pay-as-you-go and annual SaaS customers.
As businesses continue to streamline, they rightfully look for ways to be more efficient. With that in mind, JFrog continues to solidify its position within company, enabling efficiency, accelerating speed of development, and delivering secure software releases that provide competitive advantage. We're confident JFrog will continue to grow its cloud business in 2023, mainly due to increased usage and ongoing migration from self-managed subscription toward hybrid or multi-cloud environments. Now allow me to expand on some broader themes that we anticipate will continue to fuel JFrog in 2023 and beyond. Let me begin with cloud and hybrid. Our customers tell us, and we observe it in the community, that cloud migration and strategic hybrid topology adoption remain a top priority for most enterprises. We believe JFrog is uniquely positioned to support enterprises as they migrate at their own pace, handling both on-prem and cloud simultaneously.
Many of these initiatives are multi-quarter or multi-year efforts, and we're proud to help new and existing customers drive success in these areas. This was a common theme our top customers highlighted at our LEAP event, an intimate gathering of some of JFrog's influential customers that included representatives from many of the world's most recognizable enterprises. As part of customers' cloud migration journeys, they were excited to hear that our advanced security solution would be available in a hybrid model to support both emerging and historic workloads. Our holistic security capabilities differentiate us from other vendors, and we're proud to be strategic partners as our customers migrate and manage DevOps and DevSecOps across their journeys. To illustrate this from a business perspective, we recently welcomed a leading payment and financial services provider to the JFrog software supply chain platform.
This company had previously relied on Sonatype Nexus to manage their DevOps processes on-prem, but was looking for a more scalable, multi-region capable and hybrid solution. We're excited to support them in their journey as they advance their cloud-first and customers app-driven services for more than 30 million customers. Next, I would like to highlight DevOps and security tooling consolidation. As more tasks and responsibilities are shifted left to developers and DevSecOps teams, there is increasing difficulty in managing multiple point solutions for each task. This is especially evident in security tooling, where point solutions can force developers to use handfuls of tools and try to make sense of data, action, and reporting, leading to long, incomplete remediation cycles, which can ultimately leave companies vulnerable. We believe we have a great opportunity to displace and consolidate functionality of multiple tool sets and even entire security companies.
Many customers look at their DevSecOps tooling portfolio and see Nexus Firewall, Synopsys Black Duck, Snyk, Checkmarx, Aqua Security, just to name a few, as point solutions for many capabilities. This can include open source software curation and scanning, code scanning, container security, environment protection, and more. We understand this fall is not sustainable for developers or the business. By addressing multiple areas of security in one platform, we believe JFrog's holistic DevSecOps tooling is well-positioned to address customers' needs across their software supply chain. As additional value, we combined with the power of the JFrog platform with Artifactory as the single source of record for DevOps. Our customers can control and secure their entire pipeline from developers to device. The JFrog security approach is to provide a comprehensive platform-driven solution that we're confident will bear fruit as the software supply chain security market matures.
We see early indicator of this in Q1, for example, with our JFrog Platform customer, InterVenn Biosciences, a life science company pioneering glycoproteomics that aims to make the new era personalized, predictive, and preventative care a reality. After initially choosing JFrog Artifactory for end-to-end binary lifecycle management, companies like InterVenn are positioned to standardize many security capabilities with the JFrog Platform, while point solution in the market increasingly becoming redundant to JFrog security capabilities. In addition to commercial adoption of our security tools, we were excited that the recent RSA Conference to be recognized by the Global InfoSec Awards as the most comprehensive DevSecOps solution. We look forward to building on our commercial success and industry recognition as we continue to listen to our customers' needs across our security portfolio.
Third, I would like to focus on the ever-increasing need for both speed and trust in the software release cycles. At our LEAP Conference, some of our leading customers were very clear. They have a need for speed, but cannot sacrifice security and reliability across their global infrastructure. We were excited to welcome presentations by not just one of the top automotive companies in the world, and one of the top IT firms in the world, but also one of the top global gaming development companies with hundreds of millions of players across the last decade. We were proud to see how their rapid release cycles were powered by the JFrog platform, providing them with a global scale, highly available, fully federated architecture, keeping their developers productive and delivering software with trust. Next, I want to highlight an important executive staff update.
JFrog made a strategic hire in March, proudly welcoming our new CIO, Eran Azarzar. Eran has over two decades of experience in IT and cybersecurity, developing global systems and implementing leading security strategies. Under his leadership, we look forward to accelerating and scaling our corporate infrastructure, allowing us to serve customers even more efficiently while impacting the bottom line. Welcome, Eran. In closing, I'd like to reflect on JFrog's commitment to profitable long-term growth and cash flow generation while creating value for both our customers and shareholders as we focus on execution across the business.
Driven by the strength and adoption of the JFrog platform and our expectations for future contributions from the platform security core, we believe our operating model can achieve a five-year revenue CAGR of 22%-24% through fiscal year 2027, which would imply a potential revenue range of $775 million-$825 million, while delivering free cash flow in the range of $200 million-$240 million, implying estimated margin of 26%-29%. With that, I'll turn the call over to our CFO, Jacob Shulman, who will provide an in-depth recap of Q1 financial results, update you on our guidance for Q2 and for fiscal year 2023, as well as provide more details on the assumptions within our long-term models. Jacob.
Jacob Shulman (CFO)
Thank you, Shlomi, good afternoon, everyone. During the Q1, total revenues were $79.8 million, up 25% year-over-year. Our stronger-than-expected revenues in the quarter were driven by ongoing customer adoption of the JFrog platform and higher-than-expected contribution from our cloud business. In the Q1, our cloud business saw a sequential improvement in usage, delivering revenue of $25 million, up 49% year-over-year. While the improvement in usage helped drive high quarterly revenues, we don't believe the overall industry trend related to optimization is completely in the rear view mirror. We remain cautiously optimistic that the first wave of customer optimization is likely behind us and anticipate our customers will grow with JFrog in a more efficient manner going forward.
We view the recent increase in usage by our customers as a positive signal that the need to generate software continues to be a secular trend. See the customer optimization efforts as short-term adjustments driven by macroeconomic challenges, not a shift in how infrastructure software is utilized. We still anticipate our baseline growth rate within our cloud business will remain in the mid-forties during fiscal year 2023, with any potential upside generated by increased customer usage. Self-managed revenues or on-prem were $54.8 million, up 17% year-over-year during the Q1. Overall expansion within self-hosted has slowed relative to prior year results, given the shift by large customers towards hybrid deployments, which have favored expansion into the cloud.
We believe the announced release of JFrog Advanced Security for self-hosted, which occurred during the Q1, can be a catalyst for revenue growth and customer expansion. Net dollar retention for the 4 trailing quarters was 124%, a decline of four points due to the macro headwinds. Our gross retention continued to be 97% with no change in overall customer churn trends. In Q1, 44% of total revenue came from Enterprise+ subscriptions, up from 35% in Q1 of 2022. Now let me discuss our income statement in more detail. Gross profit in the quarter was $66.2 million, representing a gross margin of roughly 83% compared to 84% in the year-ago period. Higher mix of our cloud business impacted gross margins on a year-over-year basis.
Operating expenses for the Q1 was $63.5 million, up only $1 million sequentially, equaling 80% of revenues compared with $53.2 million or 84% of revenues in the year-ago period. Our year-over-year growth in operating expenses reflects ongoing investments in our go-to-market motion, security, and strategic sales team. Non-GAAP operating profit in Q1 was $2.7 million or a 3.4% operating margin compared to an operating profit of $543,000 or 0.9% operating margin in the prior year. We delivered another quarter of positive net income equaling $5.9 million or $0.06 per diluted share based on 107 million diluted shares outstanding versus a year-ago income of $158,000 or $0.00 per diluted share.
Turning to the balance sheet and cash flow, we ended the March quarter with $447 million in cash and short-term investments, up from $443 million as of December 31, 2022. Cash flow from operations was -$1.1 million in the quarter. After taking into consideration CapEx, free cash flow was -$1.4 million or -2% free cash flow margin. Our operating cash flow and free cash flow margin were negatively impacted during the quarter due to the timing of billings and prepayments for license renewals. This does not change our expectations for low double-digit free cash flow margins in fiscal 2023. As of March 31, 2023, our remaining performance obligations totaled $210.6 million.
Before providing our guidance, I would like to discuss in more detail the underlying assumptions in our long-term target model. Our estimated five-year revenue CAGR of 22%-24% through fiscal year 2027 assumes the current macroeconomic conditions would persist for several quarters and implies our cloud business will remain the primary driver of growth. We believe on an annual basis, contribution to cloud growth will likely be driven primarily by customer expansion of subscription tiers and use cases, our new advanced security add-on, and to a lesser extent, cloud migrations. Our assumption for our self-hosted business implies growth driven primarily by expansion of use cases and adoption of our end-to-end platform, including the security core. Given higher expected mix of our SaaS revenues, we would anticipate our gross margin to trend lower toward the range of 80%.
In line with our prior targets as a percentage of revenues, we anticipate spending on a non-GAAP R&D would be a range of 20%-22%. Investment in sales and marketing on a non-GAAP basis should move from 38% in fiscal year 2022 to a range of 26%-28% by 2027. Overall spending on a non-GAAP G&A should trend toward a range of 8%-10% by 2027, down from the 14.6% reported in fiscal year 2022. Based upon our forecast for revenue, gross margin, and non-GAAP operating expense, we would anticipate a range of non-GAAP operating income of 21%-23% compared to the 0.5% margin reported in fiscal year 2022.
Assuming an additional 5%-6% for delta between non-GAAP operating income and free cash flow implies a potential fiscal year 2027 free cash flow margin range of 26%-29%. This would suggest, on a dollar basis, free cash flow greater than $200 million by 2027. We believe this long-term target model reaffirms JFrog's commitment to profitable growth, something embedded in the company's DNA for years. We see the adoption of the JFrog platform and the addition of its recent security core as critical infrastructure software solutions, allowing our customers to manage, secure, and distribute binaries across their software supply chain. I'd like to speak about our guidance for the Q2 and full year 2023. Our full year 2023 expectations continue to estimate strong growth in our cloud business.
We reiterate our belief that our trailing 12-month net dollar retention will be in the low 120s for the fiscal year 2023. We forecast continued expansion in our operating and free cash flow margins through fiscal year 2023, given our continued focus on profitable growth. For Q2, we expect revenue to be between $82.5 million-$83.5 million, with non-GAAP operating profit between $3 million-$4 million and non-GAAP earnings per diluted share of 4-5 cents, assuming a share count of approximately 108 million shares. For the full year of 2023, we anticipate the revenue range between $341.5 million and $345.5 million.
Non-GAAP operating income is expected to be between $19 million and $20 million, and non-GAAP earnings per diluted share of $0.19-$0.21, assuming a share count of approximately 110 million shares. Let me turn the call back to Shlomi for some closing remarks before we take your questions. Shlomi?
Shlomi Ben Haim (Co-Founder and CEO)
Thank you, Jacob. We are excited to see that our customer base across multiple verticals, geographies, and implementation types continue to see JFrog as mission critical. As we leap ahead in 2023, I want to thank the JFrog team for delivering on a quarter that exceeded the goals we set. The Frogs passionately work to support our customers and drive success in a complex market across DevOps, security, and IoT. Thank you all for your attendance, and may the frogs be with you. Now we'll be happy to take your questions. Operator?
Operator (participant)
At this time, if you would like to ask a question, please press star then the number one on your telephone keypad. If you would like to withdraw your question, press star one again. Your first question comes from the line of Sanjit Singh with Morgan Stanley.
Sanjit Singh (Executive Director)
Thank you. Congrats to the team on a solid start to the year. I wanted to start a little bit with the demand trends that you saw throughout the quarter. You guys put, you know, service tech companies, but also large enterprise companies as well as banks. Coming off some of the headlines around Silicon Valley Bank, what were sort of some of the demand trends from a booking perspective, in the back half of March and then the early reads on April and May?
Shlomi Ben Haim (Co-Founder and CEO)
Yes. Hi, Sanjit, and thank you for the question. This is Shlomi. Regarding the demand that we've seen in the Q1, it was actually, as described, split in three things that we have seen. First, our strategic team going direct after some pipeline that was pushed out from 2022 and fulfilled it. Second, by partners that promoted the JFrog platform, and our partner team works closely with them, both for new opportunities and existing customers expansion. Third, obviously, the cloud, which was the main change between the last quarter of the previous year and this Q1 of this year.
Cloud consumption looks like coming back, especially because of the fact that JFrog provides an infrastructure cloud service, so optimization goes to a limit as you understand, and we started to see the numbers climbing back.
Jacob Shulman (CFO)
If I may add to that, Sanjit.
Sanjit Singh (Executive Director)
That's-
Jacob Shulman (CFO)
With regards to the cloud consumption, it started, the quarter started very similar to the Q4 trends and then accelerated as we progressed through the quarter.
Sanjit Singh (Executive Director)
Understood. Yeah, that's very helpful context. Then I guess a question on the long-term model. I guess I was a little surprised to see you introduce those five-year targets. If I look at the revenue growth today, we're growing sort of the low to mid-20s, and the five-year view basically says that growth will sustain, I know, 22%-24%. Can you talk about what gives you the confidence to, in this highly uncertain environment, to, you know, to have the confidence to go out there with a five-year view on growth and on free cash flow margins? If you could give us any sort of context. I think Jacob walked us through some of the assumptions, but is it gonna be a function of additional products?
Is it gonna be a function of security becoming a larger part of the business? Are you going into other marketing segments? Just sort of unpack the growth equation for us.
Shlomi Ben Haim (Co-Founder and CEO)
Yes, we base the models, basically on two vectors that we believe we will see additional sustainable growth in the next five years. One of them is the cloud business, our cloud services. As you know, we projected and guided that this will go at the mid-40%, and we see this trend still coming in. The portion of revenue that comes from the cloud versus the on-prem, it still goes as we project, so we think that it will have further contribution in the next five years. Second, we invested a lot in security. We released this quarter the self-hosted version of JFrog Advanced Security. In the last quarter of 2022, we released the cloud version of it.
We believe that security will play a significant role and will bring, material, revenue impact in the next five years.
Sanjit Singh (Executive Director)
I appreciate the context, Shlomi. Thank you.
Operator (participant)
Your next question comes from the line of Pinjalim Bora with J.P. Morgan.
Pinjalim Bora (Executive Director and Equity Research)
Hey, guys. This is Noah on for Pinjalim. Thanks for taking our questions. You know, first, you know, what has been the impact, if any, from the Advanced Security SKU for self-managed that launched in March? Just also have a quick follow-up.
Jacob Shulman (CFO)
Yes. The self-hosted version of Advanced Security was just launched in early March, and it did not have any material impact on the quarterly results. We're happy to see the customer engagement. We have first customers in production, but it's for the quarter itself, it wasn't material.
Pinjalim Bora (Executive Director and Equity Research)
Got it. Then I guess, you know, what would be the rationale behind introducing number of developers as a pricing lever for advanced security? It also seems like the price for the Enterprise X for cloud came down dramatically. You know, what was driving that decision?
Shlomi Ben Haim (Co-Founder and CEO)
Yes. Advanced Security is a new product for us, and there are several goals we wanted to achieve by introducing this metric. First of all, it should be seamless metric between SaaS and self-hosted. Second, it should be comparable to the competition into the market. When, as we said, we have a lot of expectation that this solution will replace and help to consolidate other solutions, other point solutions in the market. To help our customers to compare the business value also with the technical value, that also the decision was to go buy seat.
Lastly, we see a lot of opportunities as this product will continue to expand, and our customers will continue to consolidate on this product going forward. I would add to it the fact that, first of all, as Jacob mentioned, the market is used with the security solution around the DevSecOps to a buy seat model. This is one aspect, but we also have to remember that this is coming. Our security solution, JFrog Advanced Security solution, comes on top of the current subscription. We had to come up with a model that also makes sense for our customers to pay more than the base subscription.
Pinjalim Bora (Executive Director and Equity Research)
Great. Thank you so much.
Operator (participant)
Your next question comes from the line of Brad Reback with Stifel.
Brad Reback (Managing Director)
That's great. Thanks very much. Shlomi or Jacob, as you sort of think about the optimization commentary that you guys presented here, any sense of the accelerating usage coming from net new workloads as opposed to customers just, you know, finding fewer ways to save money?
Shlomi Ben Haim (Co-Founder and CEO)
Your question referred to the cloud business?
Brad Reback (Managing Director)
Yeah, Shlomi. Exactly.
Shlomi Ben Haim (Co-Founder and CEO)
What we charge for in the cloud, and this is very much aligned with the best practices in the market, is for storage of binaries and data transfer of binaries. Optimization goes around this for both new customers and existing customers. Our cloud business is split between annual commitment and monthly commitment. On the monthly commitment, we see more new business, which is, I think what you referred to in your question. The annual commitment, we saw that the optimization that we experienced in the last quarter of the previous year start to climb back to the numbers that we saw. Obviously, we hope to see that these commitments are being renewed during the year.
If I may add to that, as we see our customers adopting full platform, so our platform is not just used in developer environment, also used in production environment. Definitely cloud usage is driven by not just standardization of customers or for development environment, but new workloads that reflect the operational activities as well.
Brad Reback (Managing Director)
That's great. Very helpful. Then just high level, I've gotten a few questions on this. Is there any disproportionate vertical exposure in the customer base, or is it fairly broad-based? Thanks.
Shlomi Ben Haim (Co-Founder and CEO)
It is fairly broad-based. We have very diversified customer base. None of our customers represents more than 2% of our revenue. The largest verticals for us would be the financials and the tech industry.
Brad Reback (Managing Director)
That's great. Thank you very much.
Operator (participant)
Your next question comes from the line of Mike Cikos with Needham.
Mike Cikos (Senior Analyst)
Hey, guys. You have Mike Cikos on the line here, thanks for taking the questions. If I could just build off the last question for a second. I know that you guys are citing financials in the tech industry as the largest two verticals, I think it was a little surprising given the level of enterprise exposure that you guys have, let's say that financial services exposure specifically, that you guys didn't seem to be impacted by maybe some of this broader financial shock to the system we're seeing with some of the regional banks. Can you help us think through maybe why you or why your solution or why the growth with your customers seem to be a little bit more immune versus some of the chatter we've heard from other companies that are reporting this season?
I have a follow-up as well.
Shlomi Ben Haim (Co-Founder and CEO)
Yes, Mike. I think that, when you look at the market, whether it comes from, one sector versus the other, the infrastructure is a matter of will you or will you not build software. I don't know any bank or any other organization that will stop build and release software, and this is our business. We have a reason to believe that this is a bit more sustainable than applications or other services that are provided in the cloud. The second trend that we see is that both on-prem and cloud are going to coexist and stay in different industries.
The fact that we provide both of them, and sometimes both of them at the same time to the same organization, give our customers the flexibility to move between the cost that they have on a self-hosted infrastructure base like JFrog versus the consumption-based in the cloud, and manage the migration based on their own pace.
Jacob Shulman (CFO)
If I may add to that, we see our products provide tremendous value in organizations of larger scale that are spread out in different regions, global organizations. Therefore, Mike, we do see ourselves more installed on like top-tier financial institutions and to a less extent exposed to smaller, regional banks.
Mike Cikos (Senior Analyst)
Got it. Thank you. That was gonna be something I was gonna drive at next, Jacob. I appreciate you calling out the lack of exposure with regional banks. Then I guess if I could just have my follow-up here. I know that a lot of people are circling around the commentary you guys offered regarding the accelerating cloud usage through one Q. I think it'd be helpful, at least from my perspective, I know that you said one Q started with very similar trends to what you guys had seen in four Q. Two points here. One, during one Q, when did the trend start to normalize or return to a more typical, I guess growth algorithm versus where you guys had been in four Q and the start of one Q?
Any commentary you'd be able to provide on how that trend played into April. I imagine that's one of the things you guys are factoring into your guidance here for 2Q. I think both of those data points would be helpful around the cloud consumption.
Jacob Shulman (CFO)
see, uh, our, uh, cloud usage, uh, growing faster in the month of March. And in April, we did see kind of similar trends. Obviously, our guidance assumes certain level of conservatism. We said on the call that we don't think that the optimization is fully behind us. We do expect that our customers will continue to grow more efficiently, and so there's still a lot of uncertainty in the market, and therefore, our guidance does assume some level of conservatism.
Mike Cikos (Senior Analyst)
Appreciate the commentary. Thank you, guys.
Operator (participant)
Your next question comes from the line of Kingsley Crane with Canaccord.
Kingsley Crane (Senior Equity Research Analyst)
Hi, thank you. One for Shlomi and one for Jacob. Seems like a significant portion of the immediate opportunity for Advanced Security is in on-premise. How incremental is the Advanced Security update compared to only having it for cloud in the past? How much of this is baked into the fiscal 23 guidance?
Shlomi Ben Haim (Co-Founder and CEO)
The JFrog Advanced Security and the self-hosted version is actually answering our hybrid philosophy and strategy. The majority of our customers are still using a self-hosted version, therefore, we think there is a lot of room for growth there. It's based on an identical model as the cloud, which is a by seat. We think that there's a lot of room to go with the self-hosted JFrog Advanced Security. The second reason that we were excited to announce that this quarter was that most of the point solution that we are aimed to displace with the JFrog platform and with Advanced Security on top of it are self-hosted solution.
We know that the market is fragmented, and we are coming with a solution both for the cloud and self-hosted with the financial model that is aligned also with the target of this space.
Jacob Shulman (CFO)
Yes. Kingsley, we said that, we expect material contribution from Advanced Security products in fiscal 2024. We're ramping up. We're very happy with the customer engagement. We see a lot of opportunities, we expect material contribution from Advanced Security in 2024.
Kingsley Crane (Senior Equity Research Analyst)
Okay. Thank you for the color. One more. You're solidly profitable today. Just wanna think about capital deployment moving forward. What's the appetite for M&A in terms of valuation and ability to integrate an asset? Also stock at these levels, would a stock buyback be something you would ever consider?
Jacob Shulman (CFO)
Yeah. First of all, our board is constantly looking at ways to optimize capital structure and consider different options. In terms of M&A, we see a lot of opportunities in the market. We operate in a fragmented market. We believe in the future there will be opportunities which we will act on if they come.
Kingsley Crane (Senior Equity Research Analyst)
Okay. Very helpful. Thank you.
Operator (participant)
Your next question comes from the line of Koji Ikeda with Bank of America.
Koji Ikeda (Director and Enterprise Software Equity Research)
Hey, guys. Thanks for taking the questions. I wanted to go back to some of the commentary that you had from a prior question and also in the prepared remarks about optimizations and where you don't believe that optimizations are fully behind. You know, you said you feel the first wave is behind, but optimizations are not fully behind. It seems like you're alluding to there might be a second wave here, or maybe I'm reading into them too much. You know, what are you hearing or seeing out there that makes you believe, you know, there may be another wave or another optimization wave could be coming? Is there a certain geography or vertical that you're thinking about? You know, help us understand that kind of commentary that you had.
Jacob Shulman (CFO)
No, it's, we don't expect second wave. What we see is that continued effort by our customers to use cloud in more efficient manner. As you know, Koji, we charge by data transfer and storage. Storage is more immediate optimization, provides more immediate optimization results. And data transfer more longer term optimization process. We see that our customers very cost oriented. The budget's still tight and they want to be in budget because otherwise they would require additional approvals. What we see is that customers continue to use the products because it's infrastructure play. They continue to grow with us, but they will continue to grow with us in a more efficient manner going forward.
Shlomi Ben Haim (Co-Founder and CEO)
Koji, I would add to it, the different segments that we see. There are companies, big enterprise, that are in the process of migrating to the cloud and might slow down because they still have their on-prem solution for infrastructure. They use JFrog, they are in the process of migrating and might slow down with how much workload they move to the cloud. There are the others that already migrated or signed with us already with a cloud solution to start with, and these guys will probably have to prioritize infrastructure versus other activities that they have, in the cloud. In both scenarios, we are being very careful with, what we project.
We don't want to say that the optimization is behind us, but the big wave of optimization that we saw in the last quarter of the previous year, was more significant than what we saw this quarter. This is why we have reason to believe that the market is slowly coming back.
Koji Ikeda (Director and Enterprise Software Equity Research)
Got it. No, thank you. On the 2027 target, the revenue target, assuming a 20 to 2 to 24% CAGR there. Just wondering what sort of embedded assumptions you have in that, specifically from an NRR perspective. Thanks, guys. Thanks for taking my question.
Jacob Shulman (CFO)
We expect our net dollar expansion to be in high teens, up to 120% over the course of this period.
Koji Ikeda (Director and Enterprise Software Equity Research)
Got it. Thank you. Thank you very much.
Operator (participant)
Your next question comes from the line of Ittai Kidron with Oppenheimer.
Ittai Kidron (Managing Director and Senior Analyst)
Hey, guys. Thanks. Nice quarter. Since Koji asked about the fiscal 2027 guide, I'll start with that as well. The margin targets you have for that year are slightly lower than what you had in your previous long-term model. Can you elaborate a little bit on that, the reasoning behind it?
Jacob Shulman (CFO)
High contribution from SaaS. We do expect, as a result of that, it's probably more impact on free cash flow because SaaS is tend to be more shorter term contracts today, at least. We don't have many multi-year contracts in the SaaS business, and SaaS becoming bigger portion, that's what will probably impact slightly the free cash flow. In terms of profitability, I think we provide the same targets
Ittai Kidron (Managing Director and Senior Analyst)
Okay. On, on the upside in the cloud in the quarter, can you double-click on that a little bit? Is there any color you can provide on how broad that was? Were there one or two, three customers that really jumped up their usage? Any vertical or region where this was more pronounced? I'm just trying to kind of find a common denominator there.
Shlomi Ben Haim (Co-Founder and CEO)
Yes, Ittai. So first to the question whether it was one customer or across the board, we saw it everywhere, not by geography, not by sector, and not by one customer. It was a trend. I think that most of the companies were instructed at the end of the previous year to cut costs on hosting, and they moved very fast. As Jacob mentioned before, the low-hanging fruit, storage and the cleanup of the repositories, and now they had to start the year and start to rebuild their infrastructure to enable the service. We started to see it coming back. No specific sector or geography or customer. Climbing back is normal for us. It took time. It didn't start on January.
It started at the end of the quarter, and this is where we saw it starting to climb back.
Ittai Kidron (Managing Director and Senior Analyst)
Lastly for me on the Advanced Security, nice to see that come on premise. I guess on the hosted. I guess Shlomi, I'm trying to get into the long-term potential of this, the attach rate of this to your base. Do you think there'll be differences that the attach rate of Advanced Security to of SaaS customers is gonna be any different than non-SaaS customers? Can you talk about what is the dollar uplift usually for a SaaS customer adding this versus a non-SaaS customer adding this? Thank you.
Shlomi Ben Haim (Co-Founder and CEO)
When we are looking at the portfolio, we have three different options. One is fully self-hosted, second is hybrid, and third is fully cloud. We started with the cloud. Obviously that was a faster time to market because the customer doesn't have to install anything and there is no hassle. You just click and start. That was a great launch for JFrog Advanced Security at the end of 2022. This quarter we released the self-hosted, which requires deeper conversation of how do you embed that with what version of the platform. That came second when we already had some practices. We think that in today's JFrog customers portfolio, the majority are still self-hosted, and the big enterprise are using multiple tools.
The majority of them will use more than 10 different tools to cover this DevSecOps. JFrog Advanced Security is very appealing in terms of consolidation, in terms of performance features, and keep their software supply chain secure. Focusing on the value that the platform brings. We hope that while they will migrate to the cloud, because as you see, we push the cloud business as well in parallel. While they migrate to the cloud, it will be a easy, smooth move because they will already have it installed, and practicing their organization. Thank you.
Operator (participant)
Your next question comes from the line of Miller Jump with Truist Securities.
Miller Jump (Equity Research Associate)
All right. Thanks for taking the question and congrats on the solid execution in the quarter. I guess first one, kinda wanna start on hiring. A lot of your competitors have pumped the brakes on hiring or, you know, even made cuts to headcount in the beginning of the year. Can you guys just talk about how you think about hiring in the current environment and how that goes with sales productivity, especially given the leverage that you just called out in your long-term model there?
Shlomi Ben Haim (Co-Founder and CEO)
Yes. I'll take that question, Miller. First of all, as you know as well, we've been growing in a very efficient manner. Our plans and execution and path to profitability have started many years ago, and this is what's embedded in the company's DNA. In the first place, we did not hire so many employees, so we didn't have to go through a reduction in force. Second, we do, we did slow hiring, and we report that actually in the H2 of last year. We focusing on improving of efficiency and profitability. We do reallocate some resources to the projects with high ROI. We close projects that don't provide some ROI. We focus on execution.
We focus on performance, and therefore we continue to do a kind of improvements on an ongoing basis, and therefore, we didn't have to go through this big headcount reductions.
Miller Jump (Equity Research Associate)
Yeah, that makes sense. I guess another question, just a trend that you called out last quarter, was some of the pay-as-you-go customers shifting to annual contracts. Is that something you continued to see, in Q1? You know, I guess, is there any impact that we should think about there as far as your guidance?
Shlomi Ben Haim (Co-Founder and CEO)
Yeah. The transition of pay-as-you-go customers to self-host, to annual is a natural progression of these customers. Typically new customers start as pay-as-you-go because they're not yet familiar with the product. They don't know yet how they're gonna be utilize them, therefore they want to be cautious. They're not willing to commit to long term. Once they use the products, they become familiar, only then they know that they want to commit and get to the maybe some discounts depending on the size of the commitment. It's a natural progression of our customer journey, and it's actually beneficial for JFrog because the longer commitment, the better the roadmap we could work on with the customer and the better value they could deliver, see from the product.
We continue to see some customers transitioning from pay-as-you-go to annual commitment this quarter, but it just Q4 was more pronounced given this additional budget strict requirements that was imposed on some of our users. To be very clear about that's as Jacob Shulman mentioned, also part of our strategy. We would prefer to have customers committed to an annual contract and to build the roadmap with them, build the platform with them as it's aligned with the strategy. This will only happen if they will be committed to a long run. Yes, we will see it, but it's also very much aligned with the way we direct our strategic sales team to push it.
Operator (participant)
Your next question comes from the line of Jonathan Ruykhaver with Cantor.
Jonathan Ruykhaver (Managing Director)
Yeah. Hey, guys. nice quarter. I'm wondering if you could talk about, you know, how you feel, around the opportunity with pipelines. You know, I know that the focus has been on Artifactory and by design you have built, I think, numerous integrations with other CI/CD tools. Any updated thoughts on how you see your positioning there, anything you might be doing around innovation and/or packaging or pricing that might change that opportunity with pipelines?
Shlomi Ben Haim (Co-Founder and CEO)
Yes, thank you for this question. JFrog Pipelines is a JFrog CI/CD solution to better automate the process within the platform. Remember the business that we are in is moving binaries from one stage to another. JFrog Pipelines is probably the best way to automate these processes, not just in terms of from build to test to release, but also in terms of automating security as part of the DevSecOps solution we provide. JFrog Pipelines completely integrates with whatever CI/CD tool you have in the market. Whether you use GitHub Actions or Jenkins or other tools, JFrog Pipelines will integrate with that. This is actually another motivated feature or product that lead our customers to adopt the full platform.
In our LEAP event that was mentioned in the script, we shared with our top customers the new capabilities of software releases from one stage, one environment to another. This is all behind the scenes powered by JFrog Pipelines. It's an integrated piece of our platform, which makes our platform more automated and ready for the next gen.
Jonathan Ruykhaver (Managing Director)
Talk about that go-to market motion with Pipelines then, because I would imagine that customers already using Jenkins or, you know, some other CI/CD tool that they, you know, would have to be sold quite heavily on the need for a pipeline.
Shlomi Ben Haim (Co-Founder and CEO)
Yeah. There are two ways to look at it. The first thing is that Pipeline is part of our platform subscription, and it would be a reason for you to upgrade from a lower subscription to a higher subscription in our model. Second, Pipeline is also consumption-based, both on a self-hosted and in the cloud. If you use more, then more than the base, then you pay more. The motivation on the customer side would be around better, faster releases that would be more secured, and we keep adding more and more features to it. Some of it is integrating with your CI/CD, which were chosen by the developers a step before, and some of it while you are implementing the platform.
Jonathan Ruykhaver (Managing Director)
Okay. That's helpful. Thank you very much.
Operator (participant)
Your next question comes from the line of Rob Owens with Piper Sandler.
Rob Owens (Senior Research Analyst)
Yeah, good afternoon, and thanks for taking my question. With all the focus around generative AI and its applicability across DevSecOps, wondering from your purview, Number one, thought process around where it could benefit your product set and interesting follow-up, I guess, the prior question. Number two, just from where you sit, potential impact on the industry. Does this lend to more opportunity for JFrog down the road? Thanks.
Shlomi Ben Haim (Co-Founder and CEO)
Yes. Obviously a great question. Thank you. Listen, AI by definition is here to replace human and human intervention in the process of building, releasing, and securing software in our domain. JFrog is a binary company. We are dealing with binaries. Obviously, the more you create, the more you build, you create more binaries, and this is for us would be a great opportunity. We were forever a machine language company, so AI is blessed because it will generate more business for JFrog. What we have to make sure is that this business is not being disrupted by automation of how you maintain binaries at work. This is from the get-go, what we build with Artifactory. Obviously, we are very excited about the opportunity.
You know, ten years ago, CI/CD generated machine work versus developers and created more work for binaries people. AI is a big opportunity for a company like JFrog. The second side of it is the security piece that we are managing. Security can be powered by AI, not only around scanning and around finding vulnerabilities and CVEs, but also in the remediation. When you have to replace a binary that is stored in Artifactory and put it in production, this can be done by AI, and we are excited about these opportunities. We are looking at the different ways of implementing a responsible AI because, as you probably know, some of the regulations are also being created as we speak now. It's not just about what feature or what trend we want to cling on.
It's how responsible should we be when we build the automation that remove the human intervention from the process and implement a smart and responsible AI. We are looking at it on the highest strategic level of JFrog. Regarding the market, what would be the result of AI? The result of AI would be how many developers can be replaced by implementing AI, and this means source code. It doesn't mean binaries. Because whether you build software with people or with machines, you build binaries, you deploy binaries, you take binaries all the way to production. What we have to make sure is that we better integrate with this ecosystem and follow the next generation of DevOps and DevSecOps that is also powered by AI and not just by developers.
Rob Owens (Senior Research Analyst)
Thank you for the color.
Operator (participant)
Your final question comes from Michael Turits with KeyBanc Capital.
Speaker 14
Hey, guys. This is Billy on for Michael. Congratulations on the results in the quarter. You know, it seems to make sense that, you know, since you're not a seat-based model, seems reasonable you'd be less impacted or not directly impacted by developer headcount reductions. Have you seen any slowing in development projects and the pace of software development as a result of, you know, developer headcount reductions across the industry?
Shlomi Ben Haim (Co-Founder and CEO)
Our customers are telling us that they have to prioritize things. That's I think the real world behind this kind of balancing that we see in the market. They have to prioritize. Maybe a year ago that they would just throw money on all kind of experiments. This year, they will take it in a bit more disciplined way. The second thing is that if you were in a process of migrating to the cloud, that will require a period of a parallel infrastructure environment. Moving your legacies to the cloud doesn't happen in a day. It will happen over a period, maybe sometimes a multi-year project. Some of them push this decision further. Although they know that strategically they would go there, they push it further.
In both ways, whether you prioritize or you are not enabling a hybrid environment, this will have an impact on our projection.
Operator (participant)
There are no further questions at this time. I turn the call back over to Shlomi for closing remarks.
Shlomi Ben Haim (Co-Founder and CEO)
I'd like to thank you all for your attendance today. We had a wonderful quarter and we are looking forward to share with you more results in the coming quarters. May the frog be with you. Thank you.
Operator (participant)
This concludes today's conference call. Thank you for attending. You may now disconnect.