JFrog - Q1 2024
May 9, 2024
Executive Summary
- Q1 2024 revenue was $100.3 million, up 26% year-over-year, with non-GAAP diluted EPS of $0.16; management stated results “exceeded the high-end of our guidance measures,” driven by strong cloud usage and Enterprise+ adoption.
- Cloud revenue grew 47% YoY to $36.9 million (37% of total), while Enterprise+ subscriptions represented 49% of revenue ($49 million), reflecting consolidation of DevOps and security tooling and larger top-down enterprise deals.
- Gross margin expanded: GAAP 79.5% and non-GAAP 85.1%, aided by the elimination of an outsourced database and cost discipline; management reiterated annual GM expectation of 83–84% for 2024.
- Guidance: Q2 revenue $103–$104 million; FY 2024 revenue raised to $425.5–$429.5 million; FY non-GAAP EPS raised to $0.59–$0.61; baseline cloud growth “mid-40s” reiterated; seasonality suggests stronger second half as projects ramp.
- Street estimates from S&P Global were unavailable; as a result, we cannot benchmark beats/misses versus Wall Street consensus for this quarter (S&P Global consensus unavailable).
What Went Well and What Went Wrong
What Went Well
- Cloud momentum: Cloud revenue grew 47% YoY to $36.9 million (37% mix), supported by usage above commitments; management: “Cloud growth above our guidance range of mid-40s was supported by increases in customer consumption”.
- Platform consolidation: Enterprise+ subscriptions contributed 49% of revenue and grew 39% YoY; CEO emphasized “continued adoption of the JFrog platform… unified Software Supply Chain Platform”.
- Margin efficiency: Non-GAAP gross margin increased to 85.1% (vs. 82.9% prior year), with CFO citing removal of a third-party outsourced database and standardization on Vdoo’s database as drivers.
What Went Wrong
- Digestion after strong Q4: Management characterized Q1 as a “digestion” quarter following heavy Q4 consumption; cloud growth was strong YoY but sequential dynamics reflected cautious customer budgeting.
- Longer security sales cycles: While pipeline is building, customers are running comprehensive POCs to consolidate multiple security tools, which extends cycles; “pipeline building on the landscape of security is taking longer”.
- Large customers and KPIs: Net adds of customers >$100K ARR were slower versus recent pace due to seasonality and digestion; management expects normalization as the year progresses.
Transcript
Operator (participant)
Ladies and gentlemen, thank you for joining us, and welcome to JFrog's First Quarter 2024 Financial Results Conference Call. I'll now hand the conference over to Jeffrey Schreiner, VP, Investor Relations. Jeffrey, please go ahead.
Jeffrey Schreiner (VP of Investor Relations)
Good afternoon, and thank you for joining us as we review JFrog's first quarter of 2024 financial results, which were announced following market close today via press release. Leading the call today will be JFrog's CEO and Co-founder, Shlomi Ben Haim, and Ed Grabscheid, JFrog's CFO. During this call, we may make statements related to our business that are forward-looking under federal securities laws and are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements related to our future financial performance and including our outlook for Q2 and the full year of 2024. The words anticipate, believe, continue, estimate, expect, intend, will, and similar expressions are intended to identify forward-looking statements or similar indications of future expectations.
You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today and not as of any subsequent date. Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from expectations. For a discussion of material risks and other important factors that could affect our actual results, please refer to our Form 10-K for the year ended December 31st, 2023, which is available on the investor relations section of our website and the earnings press release issued earlier today.
Additional information will be made available in our Form 10-Q for the quarter ended March 31st, 2024, and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as measures of JFrog's performance, should be considered in addition to, not as a substitute for or in isolation from GAAP measures. Please refer to the tables in our earnings release for a reconciliation of those measures to their most directly comparable GAAP financial measures. A replay of this call will be available on the JFrog Investor Relations website for a limited time. With that, I'd like to turn the call over to JFrog CEO, Shlomi Ben Haim. Shlomi?
Shlomi Ben Haim (CEO and Co-founder)
Thank you, Jeff. Good afternoon to you all, and thank you for joining our call. I'm pleased to report another strong quarter for JFrog, with all metrics exceeding the high-end of our guidance range. Unification of DevOps, DevSecOps, MLOps, and MLSecOps in a single platform continues to resonate in the market, resulting in continuous expansion across the portfolio. In the first quarter of 2024, JFrog delivered total revenue of $100.3 million, up 26% year-over-year. Our Cloud revenue continued to show positive momentum in Q1, equaling $36.9 million, a growth of 47% year-over-year. Cloud growth above our guidance range of mid-40%s was supported by increases in customer consumption.
In Q1, JFrog customers with ARR greater than $100,000 grew to 911, compared to 785 in the prior year, increasing 16% year-over-year. Customers with ARR greater than $1 million increased by 3 in the quarter, now equaling a total of 40. This is up from 21 in the year-ago period, growing 90% year-over-year, reflecting the continued success of our sales team's top-down efforts and adoption of the complete software supply chain platform by the enterprise. Our customers continue to tell us that having a single system of record that allows the seamless, secure flow of binaries for DevOps and security is mission-critical to their business. In addition, we see the practices of DevOps being implemented by organizations that wish to enable the next generation of applications already incorporating GenAI and machine learning.
In the past year, we expanded the JFrog Software Supply Chain Platform to include MLOps and MLSecOps solutions as mandatory requirements to support our users alongside DevOps and DevSecOps comprehensive solutions. This unified approach led to some of the things behind our first quarter successes that will be discussed today. On our call today, we will cover the continued adoption of the JFrog Platform, including embedded holistic security solutions. Next, I will look at the cloud usage and migration trends. We will also share updates about our partners and channel go-to-market activity and game-changing technology integrations. Finally, I will share how JFrog's AI and ML solutions support the emerging needs of our customers. Let me address the adoption of the JFrog Platform by the world's largest companies.
As a unified software supply chain platform with Artifactory at its core, the JFrog Platform continues to be chosen as mission-critical partner by some of the world's most demanding and highly-regulated enterprises, who are increasingly looking to standardize on holistic solutions. One of the most recognizable financial services companies in the world, Fidelity, recently extended their relationship with JFrog to drive DevOps scale alongside security, while increasing SLA capabilities for their thousands of developers. Supporting over 42 million customers with a stated goal of over 90% of their applications in the cloud by 2026, Fidelity needed a partner with robust hybrid and multi-cloud capabilities to support their cloud-first and enterprise-scale DevSecOps vision. Gerard McMahon, Head of ALM Tools and Platforms at Fidelity, noted in a webcast with JFrog, "The whole development processes has become much more symbiotic.
You have to shift left, shift middle, and shift right. As we continue to use tools like JFrog Xray and JFrog Artifactory, security is much more ingrained into the full life cycle of software delivery." Fidelity is not alone. We see companies increasingly integrating DevOps and security strategies through tool consolidation, scalability planning, and embracing cloud, hybrid, and multi-cloud environments. DevOps stakeholders have already taken ownership of software supply chain security in most companies. But enterprises failing to streamline security tools by minimizing point solutions will face higher expenses, wasted time, inability to automate security practices, also known as DevSecOps, and possibly place the entire organization at risk. One of the strongest differentiators is the company security research team that fuels tools with unique data, often before anyone else in the market, delivering crucial value into DevSecOps processes.
Reflecting this reality, the JFrog Security Research team recently released a Software Supply Chain State of the Union report. The report revealed that many companies still have major security gaps, with only about half of companies actively scanning and securing both code and binaries. It also revealed that despite sometimes using 10 or more security point solutions, companies are unable to detect that nearly 75% supposedly-critical vulnerabilities are not even exploitable. Industry analyst Paul Nashawaty from Futurum Group noted regarding the report and its consequences, "JFrog's analysis reveals an important finding. A sizable percentage of vulnerabilities that have been reported are not exploitable. This emphasizes how crucial it is for engineers to distinguish between theoretical vulnerabilities and those that pose real concerns." Our Security Research team's reports are closely tracked by the market as they often uncover groundbreaking insights.
These findings serve as the cornerstone for enhancing our tool capabilities, ensuring JFrog Xray, JFrog Advanced Security, and JFrog Curation deliver our users unmatched DevSecOps protection. I would now like to address our Cloud business. Exiting the first quarter of 2024, we continue to see organizations looking for optimization for their cloud spend in tight budgetary environments. We are actively building the pipeline Cloud-migration and anticipate enterprise efforts will accelerate throughout the year, similar to how they approached 2023. We are also seeing cloud customers looking to standardize on best-of-breed platforms to effectively manage their software delivery. For example, JFrog customer, Informatica, recently signed a new deal to grow the JFrog Platform as the system of records for their software supply chain. Attracted to JFrog's universality, breadth of solution, and cloud-first development approach, Informatica supercharged their platform experience.
Their DevSecOps team noted, "Informatica empowers their customers to realize the transformative capabilities of their data, utilizing company's AI-powered data management platform. By partnering with JFrog and leveraging their solutions for our DevSecOps needs, we're able to take advantage of best practices across our software supply chain to improve efficiency." We expect JFrog's Cloud growth in 2024, much like the previous year, to continue to be driven by usage expansion. We anticipate Cloud-migration projects will gradually emerge, carefully managed within budget constraints. Our guidance aligns with evolving market trends, and we remain committed to collaborating with our customers and partners to facilitate the adoption of our software supply chain platform. Now, I want to address our partner and reseller network as part of our strategic channel goal. JFrog is constantly expanding our partner network across resellers, integrators, and technology partners.
As an investment in this area, we recently formalized a partnership with the leading governmental distributor, Carahsoft, to serve as a JFrog public sector reseller. Natalie Gregory, Vice President of Open Source Solutions at Carahsoft, said, "Supply chain attacks in recent years have highlighted the importance of integrating security into each phase of software development. A single source of truth for companies' binaries in a solution like JFrog Artifactory, along with integrated security as part of a holistic platform, allows JFrog to provide agencies with unparalleled DevSecOps agility and peace of mind for their software supply chain."... We anticipate further growth in JFrog's indirect and reseller sales for the enterprise as we continue to expand our partner programs across sectors and geographies. Finally, allow me to discuss the expansion of our platform to support MLOps and GenAI initiatives.
In today's hype, every DevOps tool is talking about how their solution supports or utilize AI-based practices. But beyond the buzzwords, there is a critical question: Can the solution deliver on its promises? Can the infrastructure you use effectively guide ML-powered software securely from development to production? ML models are like all other binaries that require management, security, and governance. JFrog, with this model as a package approach, once again offers a top-tier solution to the industry, enabling freedom of choice for ML engineers and responsible AI adoption by the organization. With our commitment to universality, we have always focused on making the JFrog Platform too integrated to fail. With Artifactory as the model registry of choice, we recently introduced the industry's first DevOps platform to seamlessly integrate with MLflow and Qwak platforms as we anticipate MLOps market needs.
Driven by the organic growth of our platform and customers' demand, we continue to actively integrate AI and machine learning into software supply chain practices. MLflow, a Databricks open source project, which has over 14 million monthly downloads, gives users the ability to build, manage, and deliver ML models in a streamlined workflow. Ali Ghodsi, CEO of Databricks, the data intelligence platform designed to help organizations harness the power of big data and artificial intelligence, said, "Originally developed by Databricks, MLflow streamlines the machine learning processes with a platform for experiment tracking, model packaging, and model deployment." Through a JFrog Platform integrations, users can now seamlessly utilize JFrog Artifactory as the model registry with JFrog Xray to secure the ML-model artifacts. This integration accelerates both the development and deployment phases of ML-powered applications, helping companies to drive responsible AI practices.
As noted, we also announced the JFrog and Qwak integration. Qwak is an MLOps platform designed to facilitate the construction, deployment, management, and monitoring of AI workflows, allowing users to deliver AI applications at speed and scale. This integration further expands the JFrog Platform, catering to ML engineers by providing them with a single source of truth for their models.
Alon Lev, CEO of Qwak, noted, "Integrating with a proven artifact repository like JFrog Artifactory allows Qwak to provide the automation capabilities that makes data scientists and ML engineers more efficient, while allowing DevOps and DevSecOps teams to manage ML models like any other software package in a holistic, secure software supply chain." As JFrog continues to bring together DevOps, DevSecOps, MLOps, and MLSecOps into a single enterprise-grade platform, we look forward to supporting the emerging needs of our users and aim to further expand the platform to enable ongoing consolidation needs across their software supply chains. We are excited about the growth opportunity the world of MLOps and MLSecOps introduce as part of the GenAI revolution, and we will keep expanding our platform toward the direction as it's natural leap forward for us and for our customers.
With that, I will turn the call over to our CFO, Ed Grabscheid, who will provide in-depth recap of Q1 financial results and update you on our outlook for both Q2 and full fiscal year of 2024. Ed?
Ed Grabscheid (CFO)
Thank you, Shlomi, and good afternoon, everyone. During the first quarter of 2024, total revenues were $100.3 million, up 26% year-over-year. First quarter results exceeded the high-end of our guidance range across all measures as a result of ongoing strength in our Cloud revenues and growth in our Enterprise+ subscriptions. We continue to see customers looking to consolidate their software supply chain tools towards a best-of-breed platform solution. Our results demonstrate strong execution during the first quarter. As noted by Shlomi, in the first quarter of 2024, we saw customers allocating efforts towards efficiency in their software development spend versus a focus on accelerating new projects. Cloud revenues in the quarter equaled $36.9 million, up 47% year-over-year, representing 37% of total revenues versus 31% in the prior year.
The growth in the Cloud revenues above our guidance in the mid-40%s for 2024 was driven by customer usage levels above commitments. We reiterate fiscal 2024 baseline Cloud growth around the mid-40%s for the full year. Self-managed revenues or on-prem were $63.4 million, up 16% year-over-year during the first quarter. We anticipate self-hosted revenue growth trends in 2024 will be similar to 2023. Net dollar retention for the four trailing quarters was 118%, in line with our guidance for high teens during 2024. Our gross retention rate remained at 97%. Our first quarter results saw strong customer adoption of the complete JFrog Platform, driven by customers consolidating point solutions and securing their full software supply chain.
In Q1, 49% of total revenue came from Enterprise+ subscriptions, up from 44% in the prior year. Revenue contribution from Enterprise+ subscriptions grew 39% year-over-year. Now I'll review the income statement in more detail. Gross profit in the quarter was $85.3 million, representing a gross margin of 85.1%, compared to 82.9% in the year-ago period. The increase in gross margin relative to the year-ago period is attributable to the elimination of outsourced costs derived from the synergies related to the acquisition of Vdoo and ongoing cost-discipline efforts. We reiterate expectation for annual targets remaining between 83%-84% in the near future, then trend towards the low-80s, aligned with our long-term model and Cloud growth.
Operating expenses for the first quarter were $71.3 million, up $5.2 million sequentially, equaling 71% of revenues, up from $63.5 million or 80% of revenues in the year-ago period. We continue to remain focused on expense discipline while investing in scaling our enterprise sales team, channel partner ecosystem, and strategic R&D spending. Our operating profit in Q1 was $14.1 million or 14% operating margin, compared to an operating profit of $2.7 million, or 3.4% operating margin in the year-ago period, an improvement of 10.6 percentage points. Earnings per share equaled $0.16, based on approximately 114.6 million weighted average diluted shares, compared to $0.06 per share in the prior year on 106.9 million weighted average diluted shares.
Turning to the balance sheet and cash flow, we ended the first quarter of 2024 with $579.6 million in cash and short-term investments, up from $545 million as of December 31st, 2023. Cash flow from operations was $17.5 million in the quarter. After taking into consideration our CapEx requirements, free cash flow was $16.6 million or 16.6% free cash flow margin. We remain committed to our free cash flow margin targets provided within our long-term model, implying an estimated midpoint of 28% over the coming years. As of March 31st, 2024, our remaining performance obligation totaled $261.7 million. Now, I would like to speak about our guidance for the second quarter and full year 2024.
Our outlook for 2024 implies continued momentum within our Cloud business, driven by expectations for increasing customer usage, adoption of our Enterprise+ platform, and contribution from new security products. We anticipate seasonality in 2024 to be consistent with 2023, as customer activity likely accelerates through the year, weighted more towards the second half as budgets and resources are allocated to key initiatives after focus on expense rationalization by customers during the first quarter. Given the expectation of our self-hosted and Cloud businesses, we reiterate our guidance suggesting a net dollar retention rate in the high teens exiting the fiscal year 2024, implying stability through the remainder of the year. We will continue to expand operating expenses on a dollar basis during 2024, but see room for operating leverage as ongoing cost discipline and strategic investment remain balanced.
For Q2, we expect revenue to be between $103 million and $104 million, equaling 23% year-over-year growth at the midpoint, with non-GAAP operating profit between $13 million and $14 million, and non-GAAP earnings per diluted share of $0.13-$0.15, assuming a share count of approximately 116 million shares. For the full year of 2024, we raise our revenue range between $425.5 million and $429.5 million. Non-GAAP operating income is expected to be between $56 million and $58 million, and non-GAAP earnings per diluted share of $0.59-$0.61, assuming a share count of approximately 116 million shares. Now, I'll turn the call back to Shlomi for some closing remarks before we take your questions.
Shlomi Ben Haim (CEO and Co-founder)
Thank you, Ed. In one week, Israel will observe its 76th Independence Day. This year, Israel can't truly celebrate, but only mark the day. The 132 civilian hostages still held by Hamas in Gaza since October seventh reminds us that until they are safely reunited with their families, an important milestone like Independence Day cannot be celebrated in full. Despite the ongoing challenges of the war in Israel and global macroeconomic uncertainties, the JFrog team remains dedicated to our goals and culture. Team JFrog, your unwavering commitment and consistent delivery are truly admirable. I'm saluting your resilient spirit, and thank you for your hard work. Q1 was a solid start for the year.
We continue to believe that JFrog, as a system of record for the entire software supply chain, is uniquely-positioned for success in the expanding world of DevOps and security, as well as seeing potential growth in the emerging market of GenAI. We also recently announced our annual user conference, swampUP, to be held in September in Austin, Texas. This year's keynotes will change the DevOps, DevSecOps, and MLOps landscape as we again prepare together with our partners and community to set the industry standards moving forward. With that, thanks for attending our call, and may the frog be with you. Operator, we are now open to take questions.
Operator (participant)
Thank you. We will now begin the question-and-answer session. If you've dialed in and would like to ask a question, please press star one on your telephone keypad to raise your hand and join the queue. If you'd like to withdraw your question, simply press star one again. If you're called upon to ask a question and are listening via loudspeaker on your device, please pick up your handset and ensure that your phone is not on mute when asking your question. We ask that you please limit yourself to one question and one follow-up. Again, press star one to join the queue. Your first question comes from the line of Sanjit Singh with Morgan Stanley. Please go ahead.
Sanjit Singh (Executive Director)
Yeah, thank you for taking the question. Shlomi, I just wanted to get your latest read on the spending environment and the macro environment. This time last year, the market, and including JFrog customers, were still in sort of cost-optimization mode, watching their cloud spend. At the same time, they're also hesitant to invest in data center. And so as 2024 has started, what trends sort of remain similar to back then? And to what extent are you seeing any sort of improvement in terms of your customers willing to invest?
Shlomi Ben Haim (CEO and Co-founder)
Yes, Sanjit, thank you for the question. So what, what we see actually in the, in the cloud environment, is that, our Cloud keep growing faster than the, on-prem, mainly because of, user consumption and Cloud-migration projects are being, included in our pipeline as we see the market coming back very slowly toward that direction. On the self-hosted, we see, a bit of a growth, on the, adoption and the expansion, but, it remains the same as it was in 2023. Overall, Cloud and on-prem, remind us a lot, as we reported, 2023, Q1 started with 47% year-over-year growth in the Cloud.
More and more cloud customers are looking toward a multi-year subscription when they speak about migration and betting more on migration from self-hosted.
Sanjit Singh (Executive Director)
Understood. And just to follow up, maybe for Ed on the Cloud business. Ed, if I back out the true up from last quarter, I think, which was around $1.5 million, when I look at the sequential growth in Cloud, it was lower than it has been in prior Q1s for the past couple of years. Any reason for the lower sequential growth this quarter, once I do that normal normalization?
Ed Grabscheid (CFO)
Sanjit, this is Ed, and thank you for the question. What we saw in Q4 was a quarter of significant consumption. We see Q1 as more of a digestion quarter. Now, when you look at on a year-over-year basis, we grew 47%. On a dollar basis, we grew much more in Q1 than we did in the prior quarter. So what we're seeing is that customers expanded in terms of usage in Q4. In Q1, they took that opportunity to digest a little bit more and think about project spend and software development projects more towards later quarters.
Sanjit Singh (Executive Director)
I appreciate the color, Ed. Thank you very much.
Operator (participant)
Our next question comes from the line of Pinjalim Bora with JPMorgan. Please go ahead.
Pinjalim Bora (Executive Director of Equity Research)
Great. Hey, thanks for taking the questions. Shlomi, I'll ask you on MLOps. MLflow is interesting, but maybe talk about how the conversations with customers are trending at this point? Are you seeing customers considering JFrog as JFrog Artifactory as a proxy for kind of Hugging Face or any kind of model repositories? And since a lot of the MLOps works, kind of we use a lot of open source library, is it, is it kind of even underscoring the security aspect of the JFrog Platform that you have? So anything around MLOps, what are you hearing from customers would help.
Shlomi Ben Haim (CEO and Co-founder)
Yes, Pinjalim, hi. MLOps obviously is a natural expansion or what we call the natural leap forward for JFrog as we keep all models as a package, just another binary. What we hear from our customers, what we hear from the market, by the way, what we hear from the community as well is that they are looking to have a single source of records for models, just as they have for the other packages. Artifactory obviously serves that. Xray serves as the scanner for models and malicious models, and this is what we announced back in Q4 of the previous year. Now, with the universality philosophy in mind, we are providing all data scientists and ML engineers with the freedom of choice.
Choose what- whatever platform works for you, whether it's MLflow, which is super popular, as we mentioned, with millions of downloads a month, or other, like Qwak and other coming from AWS SageMaker. So the universality around the Artifactory will make Artifactory the registry of choice for models as well as it is today for all the other binaries.
Pinjalim Bora (Executive Director of Equity Research)
Yep, understood. One question for you, Ed. On the Cloud business, correct me if I heard this wrong, but seems like you're seeing incremental efficiency efforts by customers, optimization efforts by customers in Q1. Just wanted to make sure I heard that correctly. And maybe how are those customers kind of optimizing at this point? Because that's something different than what others are saying, that optimization was already done mostly. And maybe help us understand the consumption trend going into April, or so far in May.
Ed Grabscheid (CFO)
Thank you for the question, Pinjalim. What we're seeing, first off, is that, again, this being a quarter of digestion after a very strong Q4, we guided to the mid-40%s, and we exceeded our guidance in terms of 47% on a year-over-year basis. What we're seeing in terms of the trends is that the customer today, the behavior is more towards and aligned with what we're seeing in 2023, that purchasing decisions as well as large projects will most likely come towards the second half of 2024. But what we're, what we are reiterating our guidance around mid-40%s for the full year.
Pinjalim Bora (Executive Director of Equity Research)
Understood. Thank you very much.
Operator (participant)
Our next question comes from the line of Koji Ikeda with Bank of America. Please go ahead.
Koji Ikeda (Director of Enterprise Software Equity Research)
Yeah. Hey, guys. Thanks so much for taking the questions. I wanted to ask a question or maybe, maybe another question here on the SaaS side. You know, I know there is a lot of focus on, on this revenue line item here. And so as we think about... I wanted to ask you a question on the visibility in SaaS. You know, when I look at the net new revenue in SaaS, after normalizing for that one time, it looks about the same as the fourth quarter. And so really trying to understand what your visibility looks like with your SaaS customers, say, for the rest of your business.
Ed Grabscheid (CFO)
Yeah. So what we see and what we've commented before is that we guide towards mid-40%s. It's on the commit. Anything above mid-40%s would be usage, and we don't necessarily guide on usage. So if we see a percentage growth that is above the mid-40%s, that is because additional consumption. What we see today and what we have visibility to is in the commitments, and we continue to reiterate at mid-40%s for our Cloud business.
Koji Ikeda (Director of Enterprise Software Equity Research)
Got it. No, that makes sense. And just a follow-up here, if I may. JFrog, you know, we, we definitely view you guys as an enterprise DevSecOps tool. I, I think there's no denying that. But you do have SMB and smaller mid-markets as customers, and so wanted to ask the question on how demand, and resiliency is shaking out in the lower end of your customer base.
Shlomi Ben Haim (CEO and Co-founder)
Yeah, thanks, Koji. Specifically on security, it's, it's a known vein for all sizes of companies. Software supply chain security is being changed, not only consolidated, but being changed because of the threat that is coming from the runtime environment in which you have binary threats only. So the JFrog Advanced Security, the JFrog Curation, and Xray are covering these needs for the SMB as well. Now, all types of customers, all profile of customers, and I'm not speaking about really small developer shops, but the SMB for sure are looking for solutions that provide a comprehensive coverage over the software supply chain, and this is what the, the JFrog Security solution is, is, abstract by.
Koji Ikeda (Director of Enterprise Software Equity Research)
Thanks, guys. Thanks for taking the questions.
Operator (participant)
Our next question comes from the line of Mike Cikos with Needham. Please go ahead.
Mike Cikos (Senior Analyst)
Hey, guys. Thanks for taking the questions here, and I'll jump on the bandwagon here since we're all asking about SaaS and Cloud. Just to punctuate that point that we were speaking about with Koji, but I wanna make sure, one of the things we're getting from clients here is you delivered the 47% growth in Q1. We're reiterating the mid-40%s for the full year, and I think what I'm getting from folks is the idea that, hey, it's a skinny upside to mid-40%s, i.e., like, it doesn't leave you a lot of wiggle room. And Ed, if I could just go back to your earlier comment, it sounds like the mid-40%s that you've guided to for the year is based on commitments, right?
So in the context of that visibility, that mid-40%s is, is quote-unquote, in hand, if you will, and then the consumption is really the go-get to drive upside to that. Is that a fair characterization?
Ed Grabscheid (CFO)
Yeah, thanks for the question, Mike. So our first of all, our guidance suggests that our pipeline would support the mid-40%s, and that is based on consumption. Secondly, based on commitments. Secondly, usage would be a driver of anything above that mid-40%s growth. Any acceleration beyond that would be migrations, although we don't anticipate anything from a migrations perspective to pick up from what we saw at the levels of 2023.
Shlomi Ben Haim (CEO and Co-founder)
And if I may add to it, Mike, sorry, just one more sentence about that. Listen, we started 2023 with the same, with the same volatility and the same hesitation in the market. People, on the first quarter are far more cautious about their budgets. They are planning, they are not yet executing. Big migration projects are not even being discussed at this point. They want to stabilize their expenses and then to start the year. And exactly as it happened in 2023, and as we predicted and finished the year with a big hype on the cloud goal, this is what we will see here this year. The market is still not out of the woods, and customers are looking at cloud expansion and cloud spending with a magnifier. So Q1 is, is very much aligned.
We even exceeded our guidance. It's very much aligned with our target. But also, if you look at the dollar base, it's a big success among our portfolio.
Mike Cikos (Senior Analyst)
Understood. Understood. Thank you. Thank you for that. And then just a follow-up here. I think transparently, a little bit of the head scratching outside of your purview is just on the comment around the digestion in response to Sanjit's earlier question. So I'd just like to get a sense that digestion, was that anticipated? And then the follow-up is, has that been more front-end loaded? Was it back-end loaded into Q1? Has there been any change in behavior in the interim? Again, to give you some sort of a confidence that those projects that people are looking at are gonna start coming online in the second half of this year.
Ed Grabscheid (CFO)
Yeah, this, this was not a head scratcher for us. This was something to be expected. The customer behavior and what we see in terms of seasonality, there's typically seasonably weaker in Q1 as budget decisions are being made, new software development projects are being determined, and that typically will scale through and grow throughout the course of the year, and this is the trend that we're seeing.
Mike Cikos (Senior Analyst)
Got it. Okay. Thank you for calling that out. I really do appreciate it, team. I'll turn it over to my colleagues.
Operator (participant)
Our next question comes from the line of Jason Ader, with William Blair. Please go ahead.
Jason Ader (Equity Research Analyst)
Yeah, thank you. Good afternoon, guys. I wanted to ask about security, Shlomi, maybe talk about pipeline build for security and what you guys are seeing out there on the ground with the sales reps. And then what are the biggest challenges you're seeing in terms of really just getting this thing out there and, you know, getting people onto the JFrog Platform?
Shlomi Ben Haim (CEO and Co-founder)
Yeah, Jason, these are two great questions. First, about the pipeline. We are thrilled to see the pipeline growing with our enterprise portfolio, and we are very happy to see that they are not only considering JFrog Advanced Security versus Curation or Curation versus JFrog Advanced Security, but both. And to remind you, this is also coming with a different model on top of our subscription that comes basic. So we see the pipeline, we see it growing. These are very promising enterprises that are looking at full adoption of software security, software supply, and security. On the other side, on the flip side of it, none of them is coming from the Docker.
They all have security solution, they are all running a proof of concept, they are all looking to displace or to consolidate, and pipeline building on the landscape of security is taking longer. So on one hand, very thrilled, very excited about the pipeline and the type of customers that are approaching us and running a proof of concept, a solid one, very organized one, consolidating five or more different tools. On the other hand, the life cycle of a proof of concept for security is longer than the DevOps one.
Jason Ader (Equity Research Analyst)
Gotcha. Okay. So, it-- how is that aligned, Shlomi, with your expectations, I guess, six months ago? I mean, is this sort of what you expected, or is it taking-- is it a little bit slower than you expected? And, you know, you still are as optimistic as ever in terms of the, the value proposition, but it's just gonna take a little bit more time.
Shlomi Ben Haim (CEO and Co-founder)
We are staying in confidence with our targets and what we guide you guys, that this year, security will become a material piece of our performance in our orbit.
Jason Ader (Equity Research Analyst)
Very good. Good luck, guys.
Shlomi Ben Haim (CEO and Co-founder)
Thank you.
Operator (participant)
Our next question comes from the line of Miller Jump with Truist Securities. Please go ahead.
Miller Jump (Equity Research Associate)
Great. Thank you for taking the questions. I guess maybe I'll ask one on the self-managed side of the business. You know, you actually had a modest reacceleration there this quarter. Just curious if there was anything one time in nature or anything that made you indicate this might actually exceed your expectations for that part of the business this year?
Ed Grabscheid (CFO)
Hey, Miller, this is Ed. No one time, nothing one time-based, slight acceleration in our self-hosted business. We would expect that the trend in self-hosted will be very similar in 2024 as to what we saw in 2023.
Miller Jump (Equity Research Associate)
Okay, thanks. And then maybe just one more. You know, obviously, this is a lumpy metric, but it also looks like 100,000 customers were the slowest on net adds than they've been in some time. You know, is there anything to indicate that digestion period that you talked about is indicating large customers more than the overall?
Ed Grabscheid (CFO)
Well, what we saw in Q4, and a lot of this, you're right, is lumpiness and seasonality. We had significant traction in our large customers, really in the second half of 2023. So this quarter that we're seeing somewhat digestion as customers are looking at their budgets and considering expansion opportunities. We saw in Q1, although there was nice growth, it wasn't at the same pace that we saw in previous quarters. We would expect that that would start to trend more normalized in future quarters, and it will be similar to what we saw in 2023.
Miller Jump (Equity Research Associate)
Understood. Thank you.
Operator (participant)
Our next question comes from the line of Jason Celino with KeyBanc Capital Markets. Please go ahead.
Jason Celino (Director and Senior Research Analyst of Vertical Software)
Hey, great, glad to be on. You know what? We actually saw some big news this week, you know, that a major player in AppSec, you know, would be spun out as a private standalone. You know, have you seen any changes in the competitive dynamics, you know, in security over the last, call it six months? And then, more importantly, do you see any incremental, you know, share gain opportunities on the horizon, just on the competitive landscape? Thanks.
Shlomi Ben Haim (CEO and Co-founder)
Yes, that's a very good question. First of all, well, the last quarter was full of events that changed everything, and on one hand, we see the need for consolidation around best of breed platform, and therefore, customers mentioning the platform that they can consolidate around, especially around security and DevOps together. On the other hand, there were a lot of changes. HashiCorp got acquired, Synopsys sold the entire stack, and Atlassian had some changes. So obviously there are a lot of changes. Tectonic plates are moving, but one thing is staying the same. Customers are looking to consolidate and to have a comprehensive security solution. And then on that hand, the security landscape and the competitive landscape didn't change from last quarter.
Jason Celino (Director and Senior Research Analyst of Vertical Software)
Okay, maybe just a quick one for Ed. You know, the digestion that we're all kind of discussing today, you know, did you start seeing it at very beginning in the quarter, or was it toward the end, or just pretty consistent throughout? Thanks.
Ed Grabscheid (CFO)
It was consistent throughout the quarter.
Jason Celino (Director and Senior Research Analyst of Vertical Software)
Okay, great. Awesome.
Operator (participant)
Our next question comes from the line of Kingsley Crane with Canaccord. Please go ahead.
Kingsley Crane (Director and Senior Analyst)
Hi, thanks for taking the question. Shlomi, in the spirit of RSA, I want to talk about security. In Mandiant's threat report, 31 vendors were impacted by zero-day threats in the past year. That's up from three in 2018. Not mentioning, you know, thousands of end customers impacted by those breaches. You cited some of JFrog's Security Research in your prepared remarks. Can you talk about the value of having that Security Research team in addition to, you know, your security capabilities, including things like JFrog Curation?
Shlomi Ben Haim (CEO and Co-founder)
Yeah. Well, thank you for noting that. JFrog Security Research team is one of the largest in the industry, not only by the size of the team and how they were trained, but also by the amount of reports and findings that we are sharing with the customers and with the community. Recently, we released a State of the Union for software supply chain security findings, and then just after the Docker Hub scanning and the malicious packages on Docker Hub, together with Docker. This is an amazing differentiator because our customers can know before the rest of the market from threat that might become, and it's included in the database of our Security solution.
So obviously, it's a great service for the community, but it's also boosting our tools to be able to detect some threats before other tools can catch them.
Kingsley Crane (Director and Senior Analyst)
Thank you. That's really helpful. And then for Ed, really strong growth margins, at 85%. Can you talk about the efficiencies you're finding there, even as Cloud generally increases as a percent of your overall revenue?
Ed Grabscheid (CFO)
Yeah, very strong gross margins, as you pointed out, 85.1%. One of the reasons that we had such strong gross margins in Q1 is that we removed, eliminated a third-party outsourced database, as we now standardized on the Vdoo database that we acquired two, three years ago. So we saw some efficiency gain there. However, what we see in our model is that we'll continue to spend and invest in those databases and other costs associated with our gross margins. So our model indicates that we'll still, as it's in our guidance, between 83%-84% gross margins during 2024.
Kingsley Crane (Director and Senior Analyst)
Thank you. Helpful.
Operator (participant)
Our next question comes from the line of Yi Fu Lee with Cantor Fitzgerald.
Yi Fu Lee (Senior Software Equity Research Analyst and VP)
Thank you for taking my question. Question could be for Shlomi or Ed. In terms of, I want to focus on the consolidation opportunity. Maybe if Shlomi or Ed, you could comment on, like, the upsell to your other products. I know in the prepared remarks, you talked about the security as an example. How about other products like CI/CD, Distribution, IoT device management? You know, any updates on that front as well?
Shlomi Ben Haim (CEO and Co-founder)
Yeah. So, obviously, the consolidation of tools around one platform comes with the, with all the capabilities of the factory, the center, and the single source of record, and the registry of all packages, on top of it, the Security solution. But also what you mentioned, distribution, automation, the database that Ed just mentioned. These are all coming in, in one platform, one package, and the expansion potential is around all of them. It's differently packaged in the self-hosted offering versus the Cloud. In the Cloud, we are looking to see more consumption based on more usage and more adoption, and in the self-hosted, it's expansion by seat and by number of servers, by location, by projects, by sizes of teams, and so on.
So that's the expansion momentum that we see now with the additional products on the platform.
Yi Fu Lee (Senior Software Equity Research Analyst and VP)
Got it. Got it. That's, that's extremely helpful, Shlomi. Then my last follow-up is on the MLOps opportunity. It's great that you're giving customer, obviously, the freedom of choice. They don't have to unlock, they don't have to lock themselves up in anything, like they could use Hugging Face or SageMaker or whomever. Was wondering, how mature is the MLOps opportunity, and when do you think it's gonna be more significant to, I guess, you know, the contribution to JFrog?
Shlomi Ben Haim (CEO and Co-founder)
Yes. MLOps is not mature. AI is not mature, but the practices are being built now. And the nice thing about what we see is that the ML engineers, the Python engineers, the data scientists, are actually using the best practices, the DevOps and DevSecOps, to practice MLOps and MLSecOps. So it's not mature. This might be a tailwind, but it's not going to change our 2024 guidance.
Yi Fu Lee (Senior Software Equity Research Analyst and VP)
Yeah.
Shlomi Ben Haim (CEO and Co-founder)
We are going to invest more and expand more getting JFrog Platform prepared to this big opportunity that is coming in the next year.
Yi Fu Lee (Senior Software Equity Research Analyst and VP)
Thanks. Thanks for that, Shlomi and Ed.
Operator (participant)
Our next question comes from the line of Brad Reback with Stifel. Please go ahead.
Brad Reback (Managing Director)
Great, thanks very much. Ed, on, on the digestion commentary, I understand the mid-40% Cloud growth for the year, but it sure feels like you're trying to point us towards less-pronounced seasonality in the June quarter than we've seen in the last couple of years. So maybe we're towards the lower-end of that mid-40%s in 2Q? Thanks.
Ed Grabscheid (CFO)
Yeah. Hi, Brad. You know, the way that we look at this is that it is a metric that has seasonality. What we're guiding to in the mid-40%s is for the full year. That means it's around the mid-40%s. It could be up a few points, it could be down a few points. What we know today and what we see is the commitments, and that's around mid-40%s. Anything above that would be usage. Anything below that, that could be because of monthlies. But what we see is around mid-40%s, and seasonality will play a factor in that quarter-to-quarter.
Brad Reback (Managing Director)
Okay, thanks very much.
Operator (participant)
Our next question comes from the line of Nick Altmann with Scotiabank. Please go ahead.
Nick Altmann (Associate Director of US Software Equity Research)
Awesome. Thanks, guys. Just given the channel efforts and how you guys have built up the sales force over the last year, can you maybe just talk to some of the productivity from some of the newly-onboarded partners, both, you know, last year and when you guys kinda held your first partner event? And then specifically on the direct go-to-market side, maybe just talk to overall sales productivity. Thanks.
Shlomi Ben Haim (CEO and Co-founder)
Yeah, Nick, the channel and partners, as we keep updating you, it's, it's one arm of the transition to the top-down enterprise indirect sales that we are running. The collaboration with the partners and with the channels is by geography and it's by expertise. So it's different partners that you would see on Security versus different partners that you would see on DevOps. It's different partners that you would see in France versus different partners that you would see in Japan. And the one last thing is that now we added and announced the Carahsoft partnership to also go after the public sector or the highly-regulated environment, which they are super familiar with.
We are expanding more and more the relationship with our partners and with our channels to have more resellers in the field that can promote the JFrog Platform offering.
Nick Altmann (Associate Director of US Software Equity Research)
Okay, thanks. And then, I wanted to follow up on the digestion comment. I think it was Koji, you know, asking about, you know, whether it's more sort of geared towards the SMB side of the equation. But, any other trends, that you saw within the installed base around the digestion? Was it sort of broad-based? Was it geo-specific, you know, sector-specific? Just any more granularity on, that digestion, comment that you made in, Q1, and sort of any trends or patterns that you'd call out would be helpful. Thanks.
Ed Grabscheid (CFO)
Yeah, there was nothing that we saw in terms of trends. It was a broad base across the portfolio. Nothing that we can point out specifically.
Operator (participant)
There are no further questions at this time. I turn the call back to Shlomi for closing remarks.
Shlomi Ben Haim (CEO and Co-founder)
Thank you, everyone, for joining our call. We had a wonderful quarter. We are looking for more peaceful day in the region, and may the frog be with you. Thank you very much.
Operator (participant)
This concludes today's call. Thank you for attending. You may now disconnect.