The software supply chain company that realized ML models are just another binary artifact — and built the governance layer before regulators mandated one.
www.jfrog.com

JFrog was founded in 2008 by Shlomi Ben Haim, Yoav Landman, and Fred Simon in Sunnyvale, California, with the original mission of solving binary artifact management for DevOps teams. The flagship Artifactory product became the de facto universal package repository for enterprise software development, earning the company the self-described 'Liquid Software' positioning. JFrog went public on Nasdaq (ticker: FROG) in September 2020 and has grown to approximately 1,800 employees with $531.8M in FY2025 revenue — up 24% year-over-year — serving 7,000+ customers including a majority of the Fortune 100.
JFrog's AI security expansion is an organic extension of its core competency: if you control the artifact registry, you control what enters the software supply chain — including ML models. Beginning in 2023, JFrog partnered with Hugging Face to scan the world's largest public model repository for malicious code, backdoors, and serialization attacks, and in early 2024 identified intentionally malicious models on the platform that no other scanner had detected. In September 2025, JFrog launched the AI Catalog — a dedicated governance hub for all enterprise AI assets (external APIs, open-source models, custom models, and MCP servers) — extending its supply chain security architecture to the ML layer. JFrog Security now constitutes 7% of total revenue, 10% of ARR, and 16% of remaining performance obligations ($566M), indicating faster growth in security than the core platform.
JFrog's technical differentiation in ML model security is its binary decompilation and deep data flow analysis engine, which eliminates over 96% of the false positives produced by competing model scanners on Hugging Face. While most model scanners check only for automatically-executed code, JFrog's approach extracts and analyzes embedded code through full AST parsing and control flow analysis — surfacing zero-day malicious models that signature-based tools miss. The AI Catalog extends this into governance: shadow AI detection (identifying unmanaged models and API calls across the enterprise), policy enforcement (blocking non-compliant or malicious workloads at the gate), and MCP server cataloging for AI agent tool governance. JFrog was named a Visionary in the Gartner Magic Quadrant for Application Security Testing in October 2025.
JFrog's strategic position in AI security is underappreciated because it operates as infrastructure rather than a labeled 'AI security' product. Every organization that already uses JFrog Artifactory for container, package, and binary management now has a direct upgrade path to governed ML model management — no new vendor relationship, no new security budget line, no integration project. This is a significant structural advantage: JFrog estimates that 76% of organizations cite shadow AI as a problem (per HiddenLayer's research), and JFrog AI Catalog with Shadow AI Detection is the natural answer for any enterprise already on the JFrog Platform. The Hugging Face partnership gives JFrog a unique intelligence pipeline — it scans millions of models globally and feeds detection learnings back into enterprise scanning, a flywheel that standalone model security vendors cannot replicate.
JFrog occupies an unusual position: it is the only software supply chain platform company that has extended organically into AI/ML artifact security, without needing a point acquisition or greenfield build. This positions it against both dedicated AI security vendors (HiddenLayer, Protect AI) and adjacent platform players (GitHub Advanced Security for code, Snyk for open source) that are also expanding toward model governance. JFrog's moat is operational data gravity — once an enterprise centralizes all software artifacts in Artifactory, adding ML models to the same governance framework is a single platform decision. The company faces competition from MLOps platforms (Databricks, AWS SageMaker) for model registry functionality, but none of these have JFrog's security scanning depth or enterprise software supply chain integration. The JFrog AI Catalog's MCP server cataloging capability positions it as infrastructure governance for agentic AI — a category that barely existed 18 months ago and may prove to be its most important long-term growth driver.