JFrog

JFrog develops a software supply chain platform that helps organizations manage, secure, and govern the artifacts, packages, containers, ML models, and AI assets that move through software delivery. Its platform is positioned as a single source of truth for automating trusted releases across DevOps, DevSecOps, DevGovOps, and MLOps workflows.

The portfolio spans universal artifact and model management, software supply chain security, release distribution, IoT and edge update delivery, application risk governance, and AI/ML lifecycle management. JFrog supports SaaS, self-managed, hybrid, multi-cloud, and air-gapped deployment models for enterprises that need traceability, policy enforcement, and operational consistency from development through production.

JFrog has also expanded into agentic AI governance with offerings for AI catalogs, MCP control, and skills governance, extending its role from binary management into broader software and AI supply chain operations.

Offerings, Capabilities, and Integrations

JFrog combines artifact and release management with built-in security, policy enforcement, evidence collection, and runtime context. Customers can standardize how software packages, containers, SBOMs, ML models, and AI assets are stored, promoted, approved, and distributed across development, CI/CD, production, edge, and air-gapped environments.

Integration breadth is a core part of the offering. JFrog supports 40+ package technologies and 100+ ecosystem integrations across source control, build systems, CI/CD, cloud, ITSM, and AI workflows. Its ecosystem includes GitHub, Jira, Jenkins, Maven, Gradle, Docker, Kubernetes, ServiceNow, NVIDIA, Amazon SageMaker, and Azure DevOps, with automation exposed through APIs, CLI, webhooks, and OIDC-based identity flows.

Products and Services

• JFrog Artifactory: Universal artifact, package, container, and ML model repository manager that serves as the system of record for software releases and build metadata across the software supply chain.
• JFrog Xray: Software composition analysis and artifact security product that scans artifacts, builds, and dependencies for vulnerabilities, license issues, and malicious packages.
• JFrog Curation: Supply chain control layer that blocks risky or non-compliant open-source packages, IDE extensions, and models before they enter development workflows.
• JFrog Distribution: Release distribution product for packaging and delivering trusted, immutable release bundles and SBOMs across cloud, on-premises, edge, and air-gapped environments.
• JFrog Connect: IoT and edge device management offering for secure over-the-air software updates, fleet control, and developer-to-device traceability.
• JFrog Advanced Security: Advanced software supply chain security add-on for source code and binary scanning, including SAST, secrets detection, IaC scanning, misconfiguration detection, and contextual analysis.
• JFrog Runtime: Runtime security capability for Kubernetes environments that monitors live behavior, correlates workloads to trusted sources, and prioritizes exploitable risks in production.
• JFrog AppTrust: Application risk governance solution that embeds governance, risk, and compliance into the software supply chain with evidence-based controls and trusted release workflows.
• JFrog ML: AI/ML delivery offering for building, training, securing, deploying, serving, and monitoring ML models and GenAI workloads.
• JFrog AI Catalog: AI governance and discovery offering for managing approved models, external AI services, and related AI assets through a centralized control plane.
• JFrog MCP Registry: Enterprise control plane for governing and securing MCP servers as part of the broader AI supply chain.
• JFrog Agent Skills Registry: Governed registry for agent skills that applies versioning, scanning, signing, and policy controls to skills used by enterprise AI agents.
• JFrog Professional Services: Advisory, implementation, migration, and training services that help customers deploy, secure, and optimize the JFrog Platform.

Target Customers

JFrog primarily targets enterprise and upper-midmarket software organizations that need centralized control over complex software supply chains. Common buying centers include platform engineering, DevOps, DevSecOps, security, release engineering, and IT governance teams seeking a single system of record across hybrid, multi-cloud, or regulated environments.

Its addressable users also include AI/ML teams managing model lifecycles and AI governance, along with device makers and connected-product teams that need secure delivery to IoT and edge fleets. JFrog shows traction across government, financial services, retail and e-commerce, fintech, telecommunications, and other software-intensive industries where traceability, compliance, uptime, and scale are operational priorities.

Cloud Integrations and Marketplace

• AWS Marketplace: JFrog is available in AWS Marketplace with subscription and private-offer procurement options. It also highlights integrations with core AWS services including Amazon S3, Amazon EC2, Amazon EKS, Amazon ECS, Amazon SageMaker, AWS PrivateLink, and AWS Security Hub.
• Google Cloud Marketplace: JFrog is available through Google Cloud Marketplace and supports Google Cloud-hosted hybrid and cloud deployments. JFrog highlights integrations with GKE, Cloud Storage, and Cloud Run for software supply chain and AI workflows.
• Azure Marketplace: JFrog is available through Azure Marketplace for Microsoft Azure-based deployments. JFrog also integrates with Azure DevOps and GitHub to connect source code, builds, artifact management, and governance workflows in Microsoft-centric environments.

Key People

• Shlomi Ben Haim: Co-Founder and CEO
• Yoav Landman: Co-Founder and CTO
• Sagi Dudai: Chief Product and Engineering Officer
• Ed Grabscheid: Chief Financial Officer
• Tali Notman: Chief Revenue Officer
• Genefa Murphy: Chief Marketing Officer
• Fred Simon: Co-Founder and Chief Data Scientist
• Gal Marder: Chief Strategy Officer
• Shanti Ariker: Chief Legal Officer
• Keren Massad: Chief Human Resources Officer
• Aran Azarzar: Chief Information Officer
• Roie Shorer: Chief Customer Officer

Key Facts

• Headquarters: Sunnyvale, California, United States
• Employees: Approximately 1,800
• Annual Revenue: $531.8 million
• Parent Company: None
• Subsidiaries: JFrog, Inc.; JFrog India Private Ltd.; JFrog UK Limited
• Publicly Listed: NASDAQ: FROG

Analyst Recognitions

• Gartner: 2025 Magic Quadrant for Application Security Testing – Visionary.