JFrog - Q4 2022

Transcript

Operator (participant)

Ladies and gentlemen, thank you for joining us, and welcome to JFrog's Fourth Quarter and Fiscal 2022 Results. I'll hand the conference over today to Jeff Schreiner, VP of Investor Relations. Jeff, please go ahead.

Jeff Schreiner (VP of Investor Relations)

Good afternoon, and thank you for joining us as we review JFrog's fourth quarter and full year fiscal 2022 financial results, which were announced following market close today via press release. Leading the call today will be JFrog's CEO and Co-founder, Shlomi Ben Haim, and Jacob Shulman, JFrog's CFO. During this call, we may make statements related to our business that are forward-looking under the federal securities laws and are made pursuant to the Safe Harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements related to our future financial performance, including our outlook for Q1 and the full year of 2023. The words anticipate, believe, continue, estimate, expect, intend, will, and similar expressions are intended to identify forward-looking statements or similar indications of future expectations.

You are cautioned not to place undue reliance on these forward-looking statements, which reflect our views only as of today and not as of any subsequent date. Please keep in mind that we are not obligating ourselves to revise or publicly release the results of any revision to these forward-looking statements in light of new information or future events. These statements are subject to a variety of risks and uncertainties that could cause actual results to differ materially from expectations. For a discussion of material risks and other important factors that could affect our actual results, please refer to our Form 10-K for the year ended December 31st, 2021, filed with the SEC on February 11th, 2022, and our most recent report on Form 10-Q, which is available on the investor relations section of our website and the earnings press release issued earlier today.

Additional information will be made available in our Form 10-K for the year ended December 31st, 2022, and other filings and reports that we may file from time to time with the SEC. Additionally, non-GAAP financial measures will be discussed on this conference call. These non-GAAP financial measures, which are used as a measure of JFrog's performance, should be considered in addition to, not as a substitute for or in isolation from GAAP measures. Please refer to the tables in our earnings release for a reconciliation of those measures to their most directly comparable GAAP financial measures. A replay of this call will be available on the JFrog investor relations website for a limited time. With that, I'd like to turn the call over to JFrog CEO, Shlomi Ben Haim. Shlomi.

Shlomi Ben Haim (Co-Founder and CEO)

Thank you, Jeff. Good afternoon to you all, thank you for joining the call. I'm happy to report that we ended fiscal year 2022 with annual results in line with our guidance range, despite that 2022 was a challenging year from a macroeconomic and geopolitical perspective, with moderated growth in the IT market. Nevertheless, DevOps, security software, and cloud computing remained among the most resilient IT projects. I'm happy to see that JFrog not only performed well with revenue growth of 35% year-over-year, in line with our guidance range, also exceeded our commitments to breakeven, wrapping up Q4 with non-GAAP EPS of $0.04, more than double the range we communicated in Q3.

2022 included hypergrowth in our cloud business, significant growth in the number of customers that subscribed to our full software supply chain platform, powered by advanced DevOps and DevSecOps end-to-end solutions, and a higher landing ASP with customers who invested more in digital transformation. For the fiscal year 2022, revenue was $280 million, up 35% year-over-year. JFrog finished the year with over 7,200 customers compared to 6,650 in the prior year, choosing us as their DevOps and DevSecOps partner of choice. Allow me now to elaborate more on our fourth quarter results. Our 2022 fourth quarter revenue was $76.5 million, reflecting 29% year-over-year growth. Our cloud revenues delivered continued momentum, equaling $22.6 million and increasing 53% year-over-year.

Our growth in the quarter was driven by continued increases in end-to-end JFrog platform subscriptions, as well as ongoing customers migration to multi-cloud and hybrid environments. Customers with ARR over $100,000 grew to 736 compared to 696 in the previous quarter, increasing 37% year-over-year. Customers with ARR over $1 million increased to 19, up from 18 in the previous quarter and up 27% year-over-year. We are pleased with this result, especially in light of the market dynamics we witnessed in the last few weeks of the quarter. On today's call, we'll share an update on how the latest macroeconomic changes are impacting our business, how we are adjusting for it, and how we continue to drive growth alongside cost efficiency to capture the massive DevOps and security market opportunities ahead.

Let me start by expanding on the top three themes that drove customers acquisition and expansion throughout the year and specifically in Q4. First, overall adoption of our end-to-end software supply chain platform, showing increasing maturity and tooling consolidation by the enterprise. Second, growing demand for security solutions that are fully integrated into the DevOps workflow and available as part of a full platform. Third, cloud and multi-cloud migration and adoption. Let's begin with the end-to-end JFrog platform's growth. The growing adoption of our complete platform by new and existing customers showcases the broad need for scalable end-to-end, fully integrated hybrid solutions. Our holistic platform approach drove continued sales momentum in Q4. For example, one of the world's most recognizable payment processing companies completed a standardization on the JFrog platform as their system of records.

They chose JFrog over the prior solution, Sonatype Nexus, as they needed a highly available solution that scales efficiently and supports hybrid environments to meet the needs of thousands of developers. In another example, a leading commercial bank in EMEA chose JFrog as their enterprise DevOps system of records. Due to the high level of complexity, they presented requirements for universality, full binary lifecycle management, integrated security, large scale, and efficient replication and distribution between development sites. Already utilizing GitLab for source code management, this bank turned to JFrog to complete their software supply chain coverage with an advanced solution for binary management and software supply chain security.

We saw this trend throughout 2022 as customers are telling us that both from a technology and business perspective, platform consolidation and standardization will be a key theme in 2023, not only for DevOps or DevSecOps, but for complete software supply chain management. Second, to our security pillar. In mid-October, we launched an industry-destructive set of advanced tools introducing JFrog Advanced Security as the first DevOps-centric security solution. While we continued to build and expand this offering, we were excited to see initial customers who purchased JFrog Advanced Security subscriptions quickly taking advantage of these capabilities. JFrog's meaningful investment in security over the past years is beginning to bear fruit.

We strongly believe that the holistic JFrog platform powered by JFrog Artifactory, the database of DevOps, and the de facto standard in the software package management, combined with our best-of-breed security solution into a single platform, will drive adoption among our install base and attract new users. This is reflective of the sea change we saw in 2022 of security being embedded across the software supply chain, and companies discovering that if they don't control and secure their binaries in their organization, they are finding it nearly impossible to secure their software assets and remediate security issues. Modern security technology is automated, requires less human intervention, manages software package dependencies, and sets policy that protect and remediate an organization's software supply chain.

We built JFrog Advanced Security with this understanding. We believe it will displace legacy security solutions, attracting new customers to JFrog as this market continues to mature. In just over a year since our acquisition of Vdoo, JFrog has released a half dozen capabilities that can consolidate security point solutions currently in the market. As some competitors cobble together open source tooling to appeal to the market demands, JFrog delivers a comprehensive DevOps and DevSecOps solution for enterprises who are looking to consolidate their tool stack into a single platform. Let me share with you how we differentiate in security. Development teams are using security point solutions that generate too many results, requiring them to inefficiently fix all vulnerabilities, not allowing them to prioritize remediation based on context. This is why our contextual analysis capability was released.

With JFrog Advanced Security, we allow teams to prioritize, save development hours, and focus on what matters. Also, companies want to ensure that no software is shipped with an accidentally included secrets or access keys. This is why secrets detection in our advanced security solution is so important, as it discovers inadvertent revealing of secrets and where they live in both code and hard-coded into binaries. JFrog is helping companies and development teams focus these holistic security efforts with our solutions, alleviating teams' workloads, decreasing risk, and covering the entire software supply chain, which is impossible by scanning source code alone. We believe this approach will help drive growth in existing customers in 2023, upgrading many into higher JFrog subscription types that incorporate security solutions alongside core artifact management.

Security budgets remain one of the most defensible areas of technology spend as enterprises prioritize investing in end-to-end solutions to secure their growing digital attack surface. For example, in Q four, one of the Nordic region's most prominent banks turned to JFrog to incorporate security across their software supply chain. Looking for a multi-cloud-based solution to streamline their operation, they partnered with JFrog and Google Cloud via their marketplace to enhance the bank's security posture and displace legacy on-premise solutions. In another Q four example, one of France's most recognizable luxury brands turned to JFrog for complete visibility and security across the software supply chain, saying they could now build once and run everywhere securely across multiple cloud providers. Looking to consolidate and standardize their DevSecOps tools long term, this company is illustrative of what we are hearing from thousands of JFrog customers.

They want to get control of their security tool sprawl and associate costs. We'll keep investing in JFrog security solutions as one of our R&D cores and look forward to more advancement and innovation in software supply chain security in 2023. We believe proven, powerful, holistic security solution coupled with end-to-end binary management is antidote to modern software supply chain security threats. I want to address our cloud business. Cloud, multi-cloud, and hybrid infrastructures continues to be the desired end state of many companies. Our enterprise customers tell us that cloud migrations are often a multi-year effort and that the hybrid capabilities of JFrog allow them to move over time at their own pace with limited disruption to the business. We've been pleased throughout the year to see growth in the cloud business across all subscription types.

In Q4, a Fortune 100 pharmacy brand chose JFrog software supply chain platform due to the immediate need to consolidate DevOps and DevSecOps solutions. JFrog replaced multiple existing on-premise and cloud offerings, including container registry tools from AWS and Google Cloud to manage their full software supply chain on one platform. This $500,000 Enterprise+ deal was driven by the need for universality, scalability, consolidation of tools, and JFrog's out-of-the-box integrations across the ecosystem. Recent CIO surveys validated by analysts and our customers tell us that while some short-term budgets may be tightening, annual investment in DevOps and security platforms in 2023, specifically in multi-cloud form, are expected to grow over 2022. Next, I want to address the ongoing macroeconomic challenges.

JFrog's overall win rate and customers preservation remains robust, consistent with the historical trends, and we have been able to close substantial amounts of Enterprise+ deals that show us the enterprise demand for JFrog solutions. However, the macroeconomic headwinds, such as elongated sales cycles and customers pushouts, increased significantly in the fourth quarter, impacting the overall growth of our business. During the month of December, we witnessed a further slowdown in deal closing and increased customers optimization efforts in cloud usage. As we close the quarter, we saw our customers exercise caution in this uncertain environment. This is evident in the number of deals that pushed from Q4 into 2023 and that now require C-level budget sign-offs. This impacted our growth and net retention rate in the fourth quarter.

It is further evident that self-hosted customers who considering migration to the cloud are expanding their on-prem system at a slower pace in favor of their cloud migration strategies that are pending further budget approvals. We would expect this pattern to continue in 2023 and have included them in our forward outlook. Despite these challenges, we see growing need for DevOps security and edge solutions across the software supply chain in 2023 and beyond. Continuing to believe JFrog's software supply chain platform sets industry standards and delivers unmatched value to the market. As we step into 2023, we see opportunities to leverage investments we have made within our solutions in prior years, allowing us to expand our profitability while still delivering top-line growth as we will share in our guidance.

JFrog was founded in a recession, has built a solid business across a decade, and we believe remains well-positioned and well-equipped to deliver in uncertain times. With that, I'll turn the call over to our CFO, Jacob Shulman, who will provide an in-depth recap of Q4 financial results and update you on our outlook for both Q1 and fiscal year 2023. Jacob.

Jacob Shulman (CFO)

Thank you, Shlomi, and good afternoon, everyone. During the fourth quarter, total revenues were $76.5 million, up 29% year-over-year. The full fiscal year 2022, revenues were $280 million, up 35% year-over-year. We ended the year with 7,200 customers, an increase of 8% over the 6,650 customers at the end of 2021. Expansion in our cloud business continued during the fourth quarter with revenues of $22.6 million, up 53% year-over-year, representing 30% of total revenues. For fiscal year 2022, our cloud revenues equaled $80 million, up 60% year-over-year and equaled 28% of total revenue.

We are pleased with the growth in our cloud business during the quarter and fiscal year 2022. However, we have seen an expansion of headwinds from both customer optimization and macroeconomic impacts relative to our expectations, which impacted fourth quarter results. In the fourth quarter, our cloud usage was impacted by higher-than-expected transition of our pay-as-you-go customers to minimum annual commitments. The transition to annual commitment is beneficial to our business, reduces volatility, and provides more visibility over the long term. In the short term, it negatively impacted our revenue growth in the quarter due to volume discounts based on commitment size. Self-managed revenues or on-prem were $54 million, up 21% year-over-year during the fourth quarter. For full year 2022, self-managed revenues increased 28% compared to the prior year.

Net dollar retention for the four trailing quarters was 128%, a decline of two points due to macro headwinds. Our gross retention continued to be at 97%. In Q4 of 2022, 43% of total revenue came from Enterprise+ subscriptions, up from 35% in Q4 of 2021. Let me discuss the income statement in more detail. Gross profit in the quarter was $64 million, representing a gross margin of 83.7% compared to 84.8% in the year-ago period. The decrease in gross margin relative to the year-ago period is related to a high portion of cloud revenues as a percentage of total.

We expect gross margins will remain between 83% and 84% in the near future, and then trend toward the low 80s over the long term as cloud revenues become a greater portion of our total revenue. Operating expenses for the fourth quarter was $62.5 million or 82% of revenues, up from $50.2 million or 85% of revenues in the year ago period. Our operating expenses grew sequentially by around $3 million as we continue to build out our enterprise sales and channel relationships for the long term. Non-GAAP operating profit in Q4 was $1.6 million or 2.1% operating margin, compared to an operating profit of $50,000 or 0.1% operating margin in the year ago period.

We turned back to profitability this quarter as non-GAAP net income in the quarter was $4 million with earnings per share of $0.04 based on approximately 106 million weighted average diluted shares outstanding, compared to a loss of $0.01 per share in the prior year quarter. Turning to the balance sheet and cash flow, we ended the year with $443 million in cash and short-term investments, up from $434 million as of September 30, 2022. Cash flow from operations was $7.3 million in the quarter. After taking into consideration CapEx, free cash flow was $6.4 million or 8% free cash flow margin. We remain committed to accelerating our free cash flow margin towards our long-term target of 30% over the coming years.

As of December 31st, 2022, our remaining performance obligations totaled $204.7 million. I'd now like to speak about our outlook for 2023 and guidance for the first quarter and full year. Our expectations for 2023 implies strong growth in our cloud business. Due to continued headwinds related to customer optimization efforts and ongoing macroeconomic impact, we see baseline growth levels moving toward the mid-40s, down from prior levels of mid-50s. We expect the trend of slow expansion within our self-hosted business to continue through 2023 as more new customers land and expand with our cloud solutions. We continue to see an increase in usage of our solutions by self-hosted customers, and therefore, during the upcoming fiscal year, we will implement the pricing change to better align the value we deliver.

This pricing increase will contribute roughly $6 million to our forecasted 2023 revenue growth. In addition, we will soon be releasing a version of JFrog Advanced Security supporting our self-hosted customers. We're happy to see strong customer engagement since launch with our cloud-based offering and see this introduction as an opportunity to be an additional driver of expansion within our self-hosted customers. Our outlook does not anticipate any increase in customer churn as we are not seeing a loss of business. We are seeing an elongation of customers' migration process to the cloud, which will impact our net retention levels in the short term. Our expansion in our cloud business continues to be a catalyst for longer-term growth. Given the dynamics of our self-hosted cloud businesses in 2023, we now expect our net dollar retention ratio to be in low 120s for fiscal year 2023.

As committed, we return to profitability in 2022 and now see opportunities to expand further in 2023 and beyond as we begin to leverage investments we have made within R&D and sales and marketing over the past few years. Following prior cost optimization efforts we referenced in the second half of 2022, we will continue with our cost management efforts, shifting resources to high growth opportunities, and being disciplined about headcount growth. For Q1, we expect revenue to be between $78 million and $79 million, with non-GAAP operating profit between $1.5 million and $2.5 million, and non-GAAP earnings per diluted share of $0.03 to $0.05, assuming a share count of approximately 107 million shares.

For the full year of 2023, we anticipate a range between $340 million and $344 million. Non-GAAP operating income is expected to be between $17 million and $19 million, non-GAAP earnings per diluted share of $0.18 to $0.20, assuming a share count of approximately 110 million shares. Let's return the call back to Shlomi for some closing remarks before we take your questions.

Shlomi Ben Haim (Co-Founder and CEO)

Thank you, Jacob. We believe we are well-positioned to face macroeconomic headwinds as we have built a diversified customer base across multiple geographies and industry verticals. We believe our software supply chain platform is mission-critical in the digital transformation of enterprise customers, and our security capabilities complement our leading position in DevOps. As we are turning the page on 2022 and leap into 2023, I'd like to take this opportunity and thank my team. Over 1,300 Frogs are working days and nights to make sure we are not only innovating, but also turning our customers into a digital transformation catalyst. We reimagine the future and navigate through the macro challenges in 2023. We're committed to working with the community, our customers, partners, and industry innovators to transform the software supply chain across our three cores, DevOps, security, and IoT.

Thank you all for your attendance today, and may the Frog be with you. Now we'll be happy to take your questions. Operator?

Operator (participant)

Thank you. If you would like to ask a question today, press star followed by one on your telephone keypad. We ask today that you limit yourself to one question and one follow-up. Thank you. Your first question comes from the line of Pinjalin Bora with J.P. Morgan. Your line is now open.

Pinjalin Bora (Executive Director and Equity Research)

Hey, thank you so much for taking the questions. Shlomi, maybe you can start with the advanced security side. Seems like you're seeing some initial good kind of traction there. Maybe help us understand kind of the attach rates to existing customers at this point. Is it fair to assume kind of it's more of an expansion motion than a land motion and, you know, in general what you're seeing?

Jacob Shulman (CFO)

Pinjalin, this is Jacob. Pinjalin, it's, if you could improve the quality of your line, please. It was really hard to hear the question.

Pinjalin Bora (Executive Director and Equity Research)

Oh, sorry. Is this better?

Jacob Shulman (CFO)

Yes, much better.

Pinjalin Bora (Executive Director and Equity Research)

Yeah. I wanted to ask about Advanced Security and the attach rates that you're seeing with existing customers, and if you're seeing any lands, or maybe it is not a land motion.

Shlomi Ben Haim (Co-Founder and CEO)

Yes. Pinjalin, hi, this is Shlomi. I'll start, and Jacob, feel free to chime in. Advanced Security, as you know, was launched on October of last year. From the early beginning, we saw demand from our existing customers that require a platform solution that comes not only with the Artifactory and Xray, but the full comprehensive Advanced Security capabilities. We added some features that are aligned with the software supply chain security and make sense to the enterprise. Some of what we have heard from our customers, and as we reported, some already purchased, is that they need to consolidate solutions that are now spread between different point solution. They need a solution that can run in the cloud and on-prem. This is our plan.

They need a solution that protect the software supply chain, left to Artifactory and right to Artifactory. This is where JFrog Eternal Security comes in.

Jacob Shulman (CFO)

Yeah.

Pinjalin Bora (Executive Director and Equity Research)

Yeah. Understood.

Shlomi Ben Haim (Co-Founder and CEO)

The Advanced Security would be add-on and requires Xray capability. That's why in terms of attach rate to the customers, about half of our customers have access to Xray. Those would be the group of customers that can today purchase Advanced Security. Again, this just the first weeks of this product. We're happy to see first customers buying it, and we have great expectations from this product, but it's just first weeks of this product in the market.

Pinjalin Bora (Executive Director and Equity Research)

Yep, understood. On the macro side, maybe, help us understand the pipeline that you're entering this year with at this point, at this point in time. What have you seen so far in January? Is that more so what you'd seen in December, or is it taking a step down? Just trying to understand the guidance and, you know, how much room is there. Is it de-risked or not?

Shlomi Ben Haim (Co-Founder and CEO)

We did see kind of macroeconomic headwinds accelerate a bit in the last few weeks of December. Specifically, we did see increased activity in cloud usage optimization. We do see that customers trying to meet their budgets, they don't have any more kind of room to exceed the initial budget allocations. We also saw some deals push out because it required additional approvals, which was not required previously. Those dynamics, we believe will continue to see in 2023, and that's what we took into account in our guidance for the full year and the first quarter.

Sanjit Singh (Executive Director)

Understood. I'll get back in the queue. Thanks.

Operator (participant)

Your next question comes from the line of Sanjit Singh with Morgan Stanley. Your line is now open.

Sanjit Singh (Executive Director)

Thank you for taking the questions. I wanna follow up a little bit more on the outlook, Jacob. In terms of some of the dynamics you're seeing, you know, well understood on the elongation of sales cycles, but was wondering, you know, thus far into early January, have you been able to close any of those pushed out deals? And in terms of the dynamics of customers moving from pay-as-you-go monthly to annual, you'd mentioned this dynamic, you know, before, earlier this fiscal year. So just the magnitude of the shift is just sort of more pronounced. And as you think about guidance for next year, where specifically are you embedding more conservatism just so we can get a sense of how you arrive to your guidance for 2023?

Shlomi Ben Haim (Co-Founder and CEO)

Yeah. From the deals that were pushed out, some of them were closed in 2023. A lot of them haven't yet been closed because they require additional approvals, and they're going through approvals. As we see customers looking at their budgets and kind of at the end of the year, typically they working on their budget plans, that was yet another reason for customers kind of waiting with their purchasing decisions before the budgets are finalized. Now, with regards to the pay-as-you-go to annual commitments transition, first of all, the portion of our pay-as-you-go customers of as percent of our overall cloud business today represents much smaller portion. We entered the year with about a third of the business cloud business being pay-as-you-go.

We exited the year with pay-as-you-go to be about quarter of the cloud business. The transition to annual provides us better visibility, better forecasting capabilities, and helps us to create better even engagement with the customer because it's typically kind of longer term engagements with customers with their roadmap. We expect that our pay-as-you-go to annual commitment transition will continue. We've seen that obviously, as you know, the optimization from customers is coming from two angles. One is storage optimization, another one, data transfer optimization. Customers have more flexibility to do storage optimization than data transfer optimization, and we believe many of them have already done that.

We still try to be cautious in terms of, you know, we just, the level of, this optimization effort increased in last few weeks of the quarter. We trying to be conservative in how we approach the full guidance for the year.

Sanjit Singh (Executive Director)

Understood. Shlomi, I guess a question for you. You know, you have Microsoft announcing things like Copilot for GitHub, which at least has the potential to rapidly accelerate the development and production of code. I imagine, like, you know, the Microsoft sort of competitors, Google, Amazon, maybe others, will respond in some sort of fashion. When we think of this sort of AI movement on the sort of left-hand side of the software release cycle, how do you think this impacts if this trend were to continue and adoption of things like GitHub Copilot, you know, accelerates meaningfully?

What do you think the impact is on, you know, the software release cycle sort of overall, how it impacts JFrog as a DevOps platform within that software release cycle, and maybe even Artifactory, if you could sort of peel the onion, for us in terms of how the market may be evolving with respect to some of these new AI-based technologies?

Shlomi Ben Haim (Co-Founder and CEO)

Thank you, Sanjit, for the question. Obviously, AI embedded into source code management is something that is led by GitHub, and I think that they did a good job with the Copilot. However, this is for source code management. Most of what you do, once you worked on your source code, you start to automate everything, and this is the power of binaries. When you automate, AI is required. The whole automation and artificial intelligence is required in order to do a better management of binaries, a better management of binaries distribution, and a better management of binary security. Some of these capabilities are already included in how we build our next generation distribution, next generation security.

Some of the capabilities that we released in JFrog Advanced Security are replacing point solution legacy security solution with tools that are far more automated. The power that we have with Artifactory is that it's easy to automate binaries, and it's almost, I don't want to say impossible, but challenging to automate source code. Binaries are machine language, so I think that you will see more and more AI embedded into JFrog Security. To your question, it will go perfectly with AI embedded into source code management.

Sanjit Singh (Executive Director)

Understood. Thank you, Shlomi.

Operator (participant)

Your next question comes from the line of Kingsley Crane with Canaccord Genuity. Your line is now open.

Kingsley Crane (Managing Director and Equity Research)

Hi. Thanks for taking the question. I believe you're guiding fiscal 2023 revenue growing around 22%, and then Q1 growing around 23%, and then exiting Q4 around 128% NRR. Just kinda curious, I know you said a little bit lower, but what NRR would be underlying the guidance for next year?

Jacob Shulman (CFO)

Yeah. We exited the year with 128% net dollar retention, and we expect it gradually converge towards 120% over the course of the year.

Kingsley Crane (Managing Director and Equity Research)

Okay. Thank you. Then just wanna touch also on the pricing changes. It sounds like it could provide a $6 million tailwind. Just any more color on the set of customers this would affect, and then the nature of this change.

Jacob Shulman (CFO)

It's only impacting our self-hosted customers. As you know, our cloud monetization model is based on usage. Our self-hosted business monetization is based on number of servers. We do see that our customers utilize our solutions more and more on the self-hosted side, but it does not necessarily relate or impact in the server purchases. Therefore, we decided to make this price change in order to better align the value that our customers are getting with the price that they pay. It's a small percent, 3%-5% increase across all subscription types on self-hosted solutions.

Kingsley Crane (Managing Director and Equity Research)

Okay. Really helpful, Jacob. Thank you. All back in queue.

Operator (participant)

Your next question comes from the line of Koji Ikeda with Bank of America. Your line is now open.

Koji Ikeda (Director and Enterprise Software Equity Research)

Hey, Jacob, Shlomi. Hey, guys. Thanks for taking the questions. I wanted to follow up on that net revenue retention color there. And I wanted to kind of frame it more on the upside in perspective. You know, what needs to happen maybe from a demand environment or, you know, the customers out there or the way that they're consuming the product that could drive net revenue retention, you know, higher from the low 120s, maybe back up to historical levels?

Jacob Shulman (CFO)

Yeah. Koji, as you know, our expansion for our customers in the cloud environment is higher than the corporate net dollar retention. If we see that the trends of customer migration accelerate or the trend of customer usage optimization in cloud decelerate, that's what could create potential upside on the cloud usage. Also, the adoption of our security solution of our on-prem customers, again, as we noted in prepared remarks, we see. We're very happy with the engagement with our customers for the on the cloud side with Advanced Security capabilities. We expect to launch that for on-prem. The adoption of these capabilities for on-prem by on-prem customers will also create certain upside to our expectations.

We haven't launched yet, Advanced Security for on-prem. That's why it's too soon for us to tell. That's why we kind of, that potential, potentially could create an upside.

Shlomi Ben Haim (Co-Founder and CEO)

Yeah, Koji, if I may add, I think that what we see is that the cloud growth is still performing very high. You could see it in the results. What we've seen in the last few weeks of 2022 was that on-prem customers that were in the process of migrating to the cloud and improving obviously our net dollar retention are currently on hold pending for budget approvals. This is part of the pipeline that was pushed. On the same hand, they are not investing more in on-prem.

It's kind of an in-between period for on-prem customers that already expressed their motivation to move to the cloud, already completed a successful proof of concept of this workload migration, but still waiting to get the final approval for budget, of moving to the cloud. That's obviously, on a bigger volume in our install base, the on-prem current customers.

Koji Ikeda (Director and Enterprise Software Equity Research)

Got it. No, thank you for that. Just one follow-up here, if I may. A question on kind of the new business assumptions. You know, thinking about the net revenue retention and the guide, I mean, it does imply not a lot of new business. How should we be thinking about new business as a contribution to growth in 2023?

Shlomi Ben Haim (Co-Founder and CEO)

We are looking at the new business, and we are adding capabilities. Not only capabilities, but also more deployment environment, cloud and on-prem. Obviously, the majority of new customers are coming through the cloud, and we are very happy about that. That's a cloud first strategy that we set few years ago and now bear fruits. Well, listen, JFrog provide a solution to the enterprise and small, medium companies that already have a mature development environment. If you are a startup with few developers, it's not necessarily bring the value that you need at scale. We are very pleased with the 100 of new customers and new logos that we added, and we are also very pleased with those that joined us in previous years and now upgraded to the platform.

What we see coming next is more customers, new customers joining us as they scale, joining us as they move to the cloud, and joining us as they need more security capabilities under one platform.

Koji Ikeda (Director and Enterprise Software Equity Research)

Thanks, guys. Thank you so much for taking the questions.

Operator (participant)

Your next question comes from the line of Jonathan Ruykhaver with Cantor. Your line is now open.

Jonathan Ruykhaver (Managing Director)

Yeah. Hey, guys. The profitability for fiscal 2023 much, much higher than expected, so that's nice to see. Given the headwinds that you see, the macro related headwinds to top line, are you sacrificing maybe too much on the growth side? I guess what I'm asking is what is your confidence in achieving top line growth just given the lower OpEx spend and, you know, maybe something more that's occurring to the business beyond just macro? I don't know if, you know, if competition is changing or if you see different approaches or, maybe repository management or distribution that might be impacting the opportunity.

Just seems like with, you know, the bullishness you've articulated around expansion of Artifactory, you know, Advanced Security distribution that, you know, that number would be going as low as you talked to.

Jacob Shulman (CFO)

Yes. We invested in the various areas over the course of last few years, and we have started seeing first fruit from our investments in security capabilities. Artifactory is obviously the de facto standard in the industry and continue to be very strong brand. We also built significant infrastructure around our go-to-market and R&D capabilities. We believe that the current level of investments is sufficient for us to achieve this revenue targets that we expect. That's why we can increase our bottom line as well, because we feel comfortable in the level of investments that we've done.

Shlomi Ben Haim (Co-Founder and CEO)

John. If I may add, well, you know, JFrog, you follow JFrog, profitability was part of our plan before the recession. We are very happy. I'm very pleased to see that we are not just committed to this KPI, but also exceeded in performing there. We will keep on doing that. Your question is very important because you're asking if this is for profitability, are we sacrificing something? The answer is no. We actually invested in three main domains: A, cloud, B, platform, and C, security. This is what we've done for the past year.

I think that the company is set to kind of go after the fruits of these investments that are also very much aligned with the market demand and what we hear from the market. We will take the profitability challenge alongside going after the fruits of our investment in 2023.

Jonathan Ruykhaver (Managing Director)

Okay. That's helpful. Thank you. The following question I have, I would think that this would be a positive, but just the trends you might be seeing around artifact size, container usage, infrastructure as code, how do those trends potentially impact demand trends for Artifactory?

Shlomi Ben Haim (Co-Founder and CEO)

Yeah. Artifactory, as Jacob mentioned, Artifactory is the standout maker in the binary and artifact management in the world. We are very happy to see it growing and especially when new customers and large enterprise are adopting this methodology. It's kind of showing us that what we invested in is really the center of gravity for software supply chain management. When you build on top of the database of DevOps, Artifactory, and Artifactory became the single source of record for all companies, then the capabilities that you're adding as part of the platform are just completing the customer's ability to control the full software supply chain left and right to Artifactory.

We still think that the primary asset in software supply chain management is artifacts, and we're also seeing it from the customer's demand, and we're also seeing it from other companies that are trying to develop the same capabilities.

Jonathan Ruykhaver (Managing Director)

Okay. That's all I have. Thank you.

Operator (participant)

Your next question comes from the line of Mike Cikos with Needham. Your line is now open.

Mike Cikos (Senior Analyst)

Hey, guys. You have Mike Cikos here, and thanks for taking the questions and getting me on. I wanted to cycle back to some of the earlier questions that are trying to get at what level of conservatism is baked into the guidance or how much has it been de-risked? Really where I'm going with this is focused a lot. I think Jacob, in your prepared remarks, had said that SaaS growth in calendar 2023 is expected to be mid-40s as we look out over the course of the next year.

I'm trying to just get a better feel or a sense, but can you help us think about what went into your assumptions to arrive at that mid-40s, especially as we look at the comps that you guys are up against, given the strong growth rates you guys delivered in calendar 2022. Anything on that SaaS growth in 2023 would really be beneficial from my understanding.

Shlomi Ben Haim (Co-Founder and CEO)

Yeah. The following assumptions we looked at when we came to this conclusion.

Is the number of customers today and the overall business today on minimum annual commitments versus pay-as-you-go? Two. We looked at the pipeline for migrations from on-prem to cloud. We assumed some delays as we know that we did experience some delays in the conversions in the late part of Q4. We assume that the delays, we will continue to see some delays in 2023. We applied some conservatism on the pipeline for conversion. We also did not embed the significant upside usage on top of minimum commitment. We do expect that customers will continue to optimize their cloud usage, and therefore the minimal potential upside above their annual commitments.

Mike Cikos (Senior Analyst)

That's great. I really do appreciate you walking me through that. Another question for you, I guess the follow-up here. I forget if it was Koji, but one of my colleagues had asked about what's expected for the calendar 2023 contribution from new customers. I think my question is a little bit different and probably more with respect to the existing customers here. If I look at that total customer count, I know that we only get that on an annual basis, but in calendar 2022, it grew 8% year-to-year versus growing 10% in calendar 2021. Calendar 2021 would have been 13% if I strip out the customers that churned because you guys sunset a couple of products.

The question that I have is, if the customer base is growing at a slower rate, how is that impacting ability or your forecasting here when you're thinking about the ability to continue to grow that existing customers if those customers aren't growing at as rapid a clip as they had been in previous years?

Shlomi Ben Haim (Co-Founder and CEO)

Yeah, Mike, I'll take this question, and thank you. Well, first of all, you know, in the past three years, we added 2,000 new logos to JFrog portfolio. We are also happy with the fact that our cloud's first strategy navigate more and more new customers to join JFrog in the cloud first and not migrating later. The third thing, we are adding capabilities, and we see a growing ASP from the landing point. Our entry-level price is higher. There are more adoption of new capabilities. Still, when you add 100s of customers a year, and thousands since we start, you know, building the platform with you guys, watching it, I see the growth as we expected.

Please remember, as I answered to Koji, these are mature companies that need a serious software supply chain coverage, meaning that they are ready to scale, and they are not in the proof of concept of adopting a software supply chain solution. We build for scalability, and we build a comprehensive solution that comes as one platform to enable that. This is one of the reasons that we also see a higher ASP on the lending point.

Mike Cikos (Senior Analyst)

Terrific. Thank you, guys.

Operator (participant)

Your next question comes from the line of Ittai Kidron with Oppenheimer. Your line is now open.

Ittai Kidron (Managing Director)

Thanks, guys. Couple things for me, Shlomi, on the macro front and the elongation of the sales cycles. Couple things on that. First of all, was January worse than December, the same? If you can talk about that. Then second, related to that, is there any more color you can give us on regions, North America, Europe, Asia, or type of customer, enterprise commercial?

Shlomi Ben Haim (Co-Founder and CEO)

Yes, thank you, Ittai. It's too early for me to speak about January, but I can tell you that what we've seen in December and specifically in the last weeks of the previous quarter is kind of a pattern that we keep on seeing, and this is why we took it into consideration when we proactively set our outlook. We see that difference between geographies, not just because of the geopolitical situation in Europe, but some differences between geographies in how they adopt software supply chain and how they adopt cloud. Obviously, North America is leading with cloud migration, with the big legacy industry vectors start to move to the public cloud. We see EMEA following, but in a slower pace.

APAC is really at the beginning of adopting platform solution. They are still at the basics of DevOps. The second thing that we see is that security, especially in North America, and more specifically, software supply chain security, after the White House launched a bid saying that this is part of the regulation, is part of every CIO agenda for 2023. This is why we were very focused on having JFrog Advanced Security for 2023 and not later this year. I assume that we will keep seeing this trend, elongated process, more C-level sign-offs. We will see this. Alongside that, in North America, cloud growth will still happen and security will still be top in line of the CIO and the CISO's list.

Ittai Kidron (Managing Director)

Okay. Maybe following up on security and Advanced Security more specifically, can you clarify the pricing changes related to Advanced Security? I mean, you had Xray before, the introduction of Advanced Security did what to pricing? How did that affect your pricing scheme and how customers buy it?

Shlomi Ben Haim (Co-Founder and CEO)

Yes. Xray, as you remember, Xray is a tool that protects Artifactory. You have Artifactory as your single source of truth, and then Xray sits on top of it to make sure that your binary repository is protected. What we have done with JFrog Advanced Security is we added capability that protect you from left and right to Artifactory. Left means how you protect your static code analysis, how you protect your source code, how you protect your development environment. Right means how you protect your runtime environment, container security, secret detection, and contextual analysis. Basically, JFrog Advanced Security is a price on top of the current subscription that focuses on security for the full software supply chain. Xray is part of the current subscription, which protect your Artifactory.

Speaking of, left and right to Artifactory, we are looking at power spend of over $1 billion left to Artifactory developer security and around $4 billion on the right to Artifactory, which is more runtime and production environment. We are very excited about what JFrog Advanced Security can bring in addition to our business.

Ittai Kidron (Managing Director)

Okay. Just to clarify it there, Shlomi, I think you mentioned in the prepared remarks or Jacob did, I don't remember, that about 40% of customers already have Advanced Security. Within a Q2, already almost half of your customers are paying extra for this? It just seems such a rapid adoption of an incremental paid solution, yet your numbers didn't move in the material kind of a way to suggest that it has many meaningful impact. Help me reconcile the two.

Shlomi Ben Haim (Co-Founder and CEO)

Yeah. I think that what we said is that 40% of our customers already have Xray. This is not Advanced Security.

Ittai Kidron (Managing Director)

Got it.

Shlomi Ben Haim (Co-Founder and CEO)

Advanced Security is on top of that, and it requires an upgrade to a more superior subscription.

Ittai Kidron (Managing Director)

Got it. What % of your customers have that?

Shlomi Ben Haim (Co-Founder and CEO)

We are just in the very early beginnings. We launched JFrog Advanced Security a few weeks ago, and in the next few weeks, we are going to introduce JFrog Advanced Security for on-prem customers. We are in the very early beginning.

Ittai Kidron (Managing Director)

Got it.

Shlomi Ben Haim (Co-Founder and CEO)

We hope to see that all the Xray users will also upgrade to use JFrog Advanced Security.

Ittai Kidron (Managing Director)

I appreciate it. Thank you so much.

Operator (participant)

Your next question comes from the line of Michael Turits with KeyBanc. Your line is now open.

Michael Turits (Managing Director)

Hey, guys. Thanks. Hey, guys. Macro question first. You know, some of these trends in cloud optimization and slower migrations were already taking place last quarter. You can see that in the hyperscale numbers and other places. You know, you and other people in let's call it cloud native development had strong quarters in third quarter and didn't seem to be seeing that impact. What's changed? Is it just that it's one quarter further into that optimization, or are we actually seeing more new software development projects maybe canceled, slowed down, or less developers hired? Is that the change from last quarter to this quarter?

Shlomi Ben Haim (Co-Founder and CEO)

What we're seeing is more pronounced optimization of the cloud usage, and also somewhat delayed in the customer migration to cloud, where some customers put on hold their migration pending additional approvals from C-level while they stopped already investing into expansion of their own self-hosted solutions.

Michael Turits (Managing Director)

Right. Yeah. That's helpful in explaining that. What I'm trying to get at is whether or not new development projects are slowing in a meaningful way, if that's changed from last quarter.

Shlomi Ben Haim (Co-Founder and CEO)

Yeah. I'll say that we, Michael, if you run an on-prem environment and you already have the strategic approval to move to the public cloud, what we see now is that you're holding, and that's a very big chunk of the migration process pipeline that we had. The second thing was that cloud, especially at the end of the last quarter, what we've seen is that maybe it's because of the year-end, maybe it's because of budget reasons, but we've seen our cloud users go and optimize their cloud usage, both in storage and data transfer. The last thing is that there are some hybrid users that are now deploying less funds in the on-prem and not yet deploying more funds in the cloud.

We had more conversations with C-levels than ever before that are waiting for final budget approval. The main change that we've seen between the end of last quarter to today is around that.

Michael Turits (Managing Director)

Okay. I'll just keep it at that one since we're at the top of the hour. Thanks.

Operator (participant)

Your next question comes from the line of Rob Owens with Piper Sandler. Your line is now open.

Speaker 12

Thanks for taking my question. This is Ethan on for Rob. I just wanted to kind a ask a little bit more around the IoT opportunity. I know there's some mention of that in the prepared remarks, and kind a where the market's at with that right now. Are you seeing customers coming to you actively seeking this out, or are you still kind of in an education part of the cycle right now, where you're helping customers understand that you have this capability and that you're able to provide them with this type of automated release deployment with software? Thank you.

Shlomi Ben Haim (Co-Founder and CEO)

Yeah. Thank you, Rob, for this question. As you remember, in Q3, we reported 1 big project that already adopted JFrog Connect, the IoT over the air update mechanism. We now have in pipe few other projects coming from very big customers that want to extend the Artifactory and security usage all the way to the connected devices. We are excited about that part of the solution that we wanted to see an end-to-end all the way to the device, and it's still happening.

Speaker 12

Thank you. That's it for me.

Operator (participant)

There are no further questions at this time. I turn the call back to Shlomi for closing remarks.

Shlomi Ben Haim (Co-Founder and CEO)

I'd like to thank you all for your attendance today, and, looking forward to staying in touch. Thank you, everyone.

Operator (participant)

This concludes today's call. Thank you for attending. You may now disconnect.