 When welcome to theCUBE conversation here at theCUBE Studios in Palo Alto, California, I'm John Furrier, co-host of theCUBE and co-founder of SiliconANGLE Media. We're here with Slomy Ben-Hame, who's the founder and CEO of JFrog, hot startup, asked him to come in to chat about his business. In the DevOps space, we see him at a lot of shows, your company's doing well, we love the marketing, the frog thing is great, love it, very cool. But there's a lot of real serious action going on in the enterprise and in the cloud and in emerging tech, whether it's AI or machine learning, whether it's internet of things, developers are front and center in the marketplace and there's a boatload of noise out there. I was like, you know, this approach, this approach, I mean, there's a lot of different approaches, but at the end of the day, the devs are driving a lot of innovation. You guys are the center of it, so welcome to theCUBE. Thank you. So first question for you, just take a minute to talk about what you guys do, JFrog, what's your company, what's your business, do you do, what are you guys up to, what's your deal? So the way I think that the community will describe us would be that we are the binaries people. We are taking care of your binaries and as you know in the DevOps world, everything you do, you do with your binaries, with your software artifacts. So I heard some of the community members call us the database of DevOps and we are the providers of Artifactory, Bintray, X-ray and Mission Control, which take care of your binaries, managing them, host them, distribute them and secure them. Open Source event we were at, we saw you guys, because I was doing all the interviews and you guys were right on the edge there. I think you guys got some nice background images off theCUBE videos, but it was really interesting. I mean, the trend is your friend as the saying goes and the number of open source projects is increasing. The actual lines of code is exponentially going to grow from like 22 million to like 200, 400 million lines of code over the next couple of years. I mean, that's hockey stick. So more developers are coming in, not old school like me that built their own stuff from scratch is a lot of Lego blocks. In fact, Jim Zemlin said that 10% of the code will probably be original ideas and differentiation. 90% of most of the code will be a code sandwich, which I believe I think that's a legit direction. How do you guys fit into that trend and what does that mean for your business? Because I can imagine there's a ton of GitHub stuff going on, tons of forking, tons of projects. We've got blockchain catching the world by storm. There is a massive developer tsunami going on. How do you guys help them? So it's very interesting, when we started JFrog, actually my co-founder, Joav Landman, started by providing developers with a very dummy basic solution to proxy public repositories like Maven Central. And it was not about the code. For the first time it was about the binaries. Code is great and the line of code as you said, it's going to go enormous. But what happened is that when you need to automate, when you need to rebuild, when you need to release faster, you go down to the binary level to the software artifact level and guess what? No one took care of your binaries before. You were just throwing your binaries to your version control or a file store, right? You, maybe you were hostaging them. They were messy and it's like a kid with their room. It's all the stuff spread around all over the place. Where's that binary? No one keep track of it. Nobody care about that. But this is the one thing that you keep consuming, keep building with, keep recompiling. And in the era of DevOps, is the one asset that you need to automate and reuse. So this is where we- So the core problem I get this right is that, compiling is going to be, if you think of DevOps, it's infrastructure's code, as the phrase goes as we always say. And programming infrastructure is what dev guys want to do. They don't want to be in the business of, switching configuration, getting in the routers and the network. They want it to be just one layer of resource. Serverless is a great trend for you. More and more developers going to love this. So they want to program. So when you're programming the inherent next step is, where's the code? Who's compiling it? It doesn't need to be compiled. Is that kind of the core problem with more and more stuff going on under the hood that needs to be managed? Is that part of your business solution or is the problem just lost binaries? What's the core problem? It's a perfect question. First of all, we are providers. We are the providers of the only universal solution. So binaries are not just for Java developers. They are not just for Python developers. They are not just for .NET developers. They are not just for Docker users and the way you package it. Binary happens between your Git and your CI server, let's say Jenkins, Git and Jenkins, and your Kubernetes. Something happened between those two sides, your orchestration tool and your code repository tool. In this land is where binaries play a very significant role and this is where we are a major player. So is the problem error prone in that zone? So in the zone, it's like the Wild West. It's a black hole, if you will. Think about it, what you're saying, if I get it right. There's a lot of stuff that goes on in there. Is it mismanagement? What's the core thing that you guys going to do there? Tons of binaries, too much public repositories that the community cannot rely on. You need to manage and host your own binaries, the one that you create yourself. And to provide, and this is the last trend we see in the market, big organization need to provide DevOps as a service to their own developers. So they need to host this very important asset that we call software artifact and binaries, all Docker images or whatever you want to call it. Yeah, a lot of great trends going on. Obviously containers and Kubernetes you mentioned. Let's get into those. That's driving a lot of change. Certainly containers has been around for a while. You know, whether you call it wrappers or whatever, it's a great magical thing. We love containers. Kubernetes really gets the trend right. If you look at the Google trends, you see Kubernetes has got so much more traction than containers, although I'm not saying one's more relevant than the other. Certainly orchestration is important. Linking and loading all these containers together. Why is Kubernetes accelerating the binary conversation? Is it because more rapid developments going on, more programmability is going on? Why is Kubernetes impacting the binaries components more now than ever? So putting aside the need for automating and integrating, it's all, this all orchestration solution requires some work on the binary level. But if you think about what Kubernetes is trying to solve or what the containers overall are trying to solve, is a better, faster release, better, faster deployment, better, faster delivery. And then you can do it only if you will combine the power of the developers and the power of the machine and release faster. This is what we're saying, Jay, release faster or die, because it's all about how fast can you release. Before we get into some of the product specific stuff, I want to ask you some pointy questions on that. I want to ask you about automation. And so AI is obviously hot, I love AI. Even though it's hyped up, it still promotes great software development. Machine learning really is where the meat on the bone is there. So machine learning and automation bots, whatever you want to look at it, there's an opportunity to actually create adaptive code. How do that new software paradigm affect binaries? Because I can almost imagine that if you got a bot going wild, you know, it could screw up the binaries. Completely. So can you comment on that, that area? I mean, obviously we want more bots because automation is a good thing on one level, but how do you guys look at that mark as an opportunity, as a challenge? What's that whole AI thing look like? Well, if we take a step back, I think the DevOps started with the need to automate and release faster. And it was like the playground of developers, we need a better integration. We need a continuous integration. We need a better delivery. We need a continuous delivery. And if you think about it now, in 2020 perspective, you understand that this was all milestones. The next big challenge is continuous updates. People like me, people like you, just want the devices and machines to be updated. And secure, I mean, look at Equifax. And secure. I mean, Equifax is a great example. Absolutely. They didn't update the code. And it's flowing. And it's just happening and insecure. And in the world of automation, the world of AI, I think that the next big challenge of DevOps is, how can I create a continuous update machine, which is also secured? And software update will just flow. It will not be something that you press, I agree, I reboot and do any kind of crazy stuff in order just to get your software update. And it's more about the user experience of all of us. It's not just developers and DevOps companies anymore. That's a great vision, by the way, I love that. And it should work like that. And programmable infrastructure for DevOps should be programmable and always available and highly reliable. I mean, Mark Zuckerberg used to have the saying, move fast, break stuff. That's not a DevOps ethos, by the way. I mean, they built their own DevOps. Then he kind of quickly waffled back to, move fast, be reliable because, you know, he got some religion on ops. So totally get that. Let's kind of go into today's world. So that kind of gives us a little future view. What is a use case for a customer? Take me through the day and the life of a customer that's using JFrog. What are their problems? What are some of the things that are burning in their office? Where's the smoke? What's the problem that they have that they need to take care of their binaries? Sprawl of code? Just mismanagement. I mean, what are some of the signals? Share with your view there. Yeah, so it starts with the fact that it's not your developer anymore that builds software. You have a CI server, though, that never goes to a lunch break. Never take a break with Facebook, which by the way, it's a great company, but sometimes it's disruptive during the time, during the work time. And you keep building and building like crazy. Your CI server keeps producing binaries. It's an always-on code machine, basically. That's what the environment is. It's a binaries machine. And it's being built 24 by 7. And yes, you use just a portion of it, but you have to host and manage all of it. And if you will host it in your version control, it will explode. If you will put it in a file store, it will not be something you can manage. Explode because of capacity or? Because you cannot do any cleanups on a version control. Not gate or subversion or perforce or any of them. You don't do cleanups on version control. So hygiene is an issue? Yes. Plus integration. You need to integrate with your ecosystem. Plus promotion. You need to allow and automate promotion of the specific bytes that you build. So that's why people call you the database or I would even say the brains of binaries. So you've got to keep track of the goods, if you will. It's like the crown jewel is the binary. Right. If I get that right. Okay, so let's take it to the next level. So you have a good hygiene. You got good stuff going on. What are you guys doing specifically that gives you a differentiation in the market? Because is it software? Is it hardware? What is the JFrog differentiation? So I think that the first thing that happened to us was that we realized that binaries is for everyone. If you remember JFrog slogans from 2010, it was binaries for the people. We felt like we are leading the revolution of taking care of your binaries. And therefore we decided that whatever we build, our philosophy base, our concept will be universal. So we started with the Java community, Maven and Gradle, and then the .NET community with Nougat. And then when it came to be more like a DevOps industry in 2013 or 14, was it? Yeah, roughly. 2008 to 2014 was really the cloud, Arati, and then it grew, and then it matured a little bit. Yeah, and the combination of Dev and Ops and IT. And then we started to support packages like Debian and RPM, young repositories, Docker registry. We were the first Docker registry in the market. Yeah. You were riding the wave in the beginning. Yes. We were riding there, riding the binary wave with the cloud growth, native cloud growth, public cloud growth, big time. Which by the way, had a lot of iterations quickly. Which is also one of our differentiators. We are the only hybrid providers for your binary solution. We have it in the cloud, any cloud, or on-prem. Who's the competition? So it's a very good question. On an niche level, we have companies like Docker that provide a Docker registry. We have Coors that provide Docker registry. By the way, anyone in the market now want to have a Docker registry, a container registry. On the Java Maven domain, Sonaty provide Nexus, which is a binary repository manager for Java, for Maven builds. NPM provide the solution for NPM. But if you think about the universal solution that supports all those. Those were siloed, platform-specific binaries. You're taking much more of a holistic, horizontally scalable, any binary, any time management. Exactly. We don't do the before and after, but in the binaries world, we want to be one solution for all. All right, so I get the whole registry thing. I love that positioning. Just a dumb question. When someone's coming in and managing and manipulating the registry, how do you guys handle that piece? How do you know that a Java request coming in from a Java registry? Do you guys have a front end to this thing? Is it your software? So how do you guys manage the integration of request to and from the binaries? The read and write to the repository. So Artifactor is a very sophisticated repository, if I may say. It's built more like a database. It's based on a checksum mechanism and not just a basic file store. Can you verify it? Yes. Coming in on the front end. Right. The incoming read. It's a machine, caching, managing, hosting and distributing. It's all happening in Artifactor. And performance is good? No problem with performance. Well, we are the only provider that has a highly available solution with over 4,000 customers. So I guess it is. Yeah, you're doing good. You get a smile. Yeah, I see you at the shows. You got a good reputation, so it's great to have you come in. I guess I wanted to just take a minute to pause because I know we're having a great concert. I can talk about CI servers till the cows come home. One of my favorite topics, DevOps. That's people who have been following me since 2008. No, I love the cloud-native vision from day one. But there's a lot of people out there who don't know what the hell a binary is. So take a minute and explain what is a binary and why is it such an important thing right now in context to open source growth, more developers coming in, context to enterprises trying to be cloud-like and just for the general purpose, why are binaries important? Why should the general public, how would you talk about what is a binary? Well, I'll try. So I think that the main difference is that binaries are more like, and maybe it's a basic metaphor, but binaries are more like fresh food unlike a freeze food. Your source code is freeze. You're not allowed to touch it. You're not allowed to clean it. You're not allowed to change it. Your 1.0 will be my 1.0. And it's kind of a freeze food. And this is why, and therefore, Git and other players in this market are so important. And we see how Bitbucket with Atlassian and GitHub are growing and still playing a significant role. Binaries are different. Binaries is the fresh food. Something that you keep changing any minute and you build with a specific binary something and then something else. And it becomes another binary if I may say so. And I think that the flexibility that you need to gain when you go on a full automation and a full integration is the flexibility that you can get on the binary level. You cannot get it on the code level. And therefore, binary is playing a very significant role in the cloud era and in the DevOps era. So it allows for extensibility of source code in a way what you're saying. You can eat the frozen food or you can chop up your own organic meal yourself. Okay, get that. So, okay, final question for you. Thanks for coming and appreciate the 101 on binaries there. People will always just go on Wikipedia and look at other definitions on Stack Overflow and whatnot. What is the customer value proposition for JFrog? Why should I work with you? What's the main reason if you have 4,000 customers? What's driving them to use you? Is it just convenience? Is it scalability? All of the above, just take a minute to explain why customers go to you and if people don't work with you, why should they work with you? So I think that the biggest challenge today is that you want to treat binaries as first level citizens. And instead of having an NPM repository, Docker registry, Maven repository, Piper repository and there is no single organization that will have just one repository, you can have it all with JFrog. The second thing we are the providers of highly available solution to protect your data centers. So if you don't want your 1,000 developers sitting down waiting for the binary repository to be up and running and to allow the environment, then you probably want to secure- For the activity and efficiency, absolutely. We are also providing a tool to secure your binary flow and the platform that distributes your binaries. We take binaries very seriously, over two billion downloads a month on Bintray, our distribution hub. And we work with the community and for the community. We are developers by ourselves coming from the open source community. So it's all bottom up and community friendly. Show me great commentary. I want to just get a personal, take your JFrog hat off for a minute, put your developer, executive, industry expert hat on and share with the audience your view on the developer market. I mean, there's been a lot of negative press around the programmer lately and all these things and the trends are clear, right? That you have massive growth in open source, okay? Comment on the role open source plays as it goes into some argue fifth generation, fourth, fifth generation. I remember the first generation I was coding on. I mean, those were the days, but different. It's changed. You have so much code. It's really a party right now in open source. There's so much good stuff happening. I mean, Google's donating TensorFlow, all these people putting real big libraries out there to code on. Kubernetes. Kubernetes is just so awesome. People get really system guys specifically love what's going on in the cloud. But cloud is exploding a lot of opportunities to IoT and AI. What's the developer market like right now? Just share your thoughts. What's the sentiment? What's the excitement? What are the young kids doing? What are some of the big things that you see happening? Well, from business perspective, what we see in the market is developers, first of all, taking decisions. They hear their managers coming with the pain and expected to solve it. And the bottom up process is something we never saw in the market. The last five, six years, we see more and more developers kind of educating their managers with how to do it and how to do it faster. The second thing, and this is- So bottom up's happening now, you're saying? Happening for the last five years and it's- Getting faster. It's going. The second thing, we see in the cloud. You see it more than I am. Google and Amazon and Microsoft and Red Hat. Everyone wants a piece of the cloud oracle now, just announced two days ago, three days ago. Everyone wants a piece of the cloud and everybody understand that the data traffic comes from developers. It's not individuals, it's communities. The open source community is giant and it's a very important player in the data traffic of what we call the cloud highway. And the community is a very most important piece you would agree with that, right? I mean, we're very community focused. That's the key, right? Yes. Absolutely. I think the world will be developer indoctrinated with basically developer premises across all business. So it's not a department anymore. It's permeating all through organizations. Right. Developer life. And also impact our user experience, you know? People like, you know, simple people that doesn't understand code and not contributing to the open source world still need software updates and competitive analysis are talking about that. How fast can you release? Well, Stu Miniman and Dave Vellante and Peter Burris and I always talk about the community is the key in an open source. You guys have been very successful in the community. Congratulations. And obviously we're very community focused with our content with theCUBE. If you like theCUBE, check us out at cube.net. Give us a call, come in the studio. If you're a thought leader, love to chat with you. I'm John Furrier with theCUBE. More thought leadership coverage in Palo Alto here inside theCUBE. We'll be right back. Thanks for watching.