Listing Thumbnail

    JFrog Software Supply Chain Platform

     Info
    Sold by: JFrog 
    Deployed on AWS
    The only platform to give you end-to-end visibility, security, and control for automating delivery of trusted releases.
    4.2

    Overview

    Trusted by millions of developers, engineers, architects, and security professionals at thousands of enterprises, including the majority of the Fortune 100, the cloud-native JFrog Software Supply Chain Platform is the single source of truth for all software packages, data, and ML models utilized and generated in the development process.

    The JFrog Platform on AWS manages all software inputs and outputs, providing organizations with complete visibility across their supply chain. This flexible, massively scalable, and hybrid platform helps improve developer efficiency by reducing wait times from builds to security scans. It allows organizations to take to the clouds with agility, leveraging both managed and self-managed instances. Critically, it enables teams to manage application risk end-to-end by applying evidence-based policies across the SDLC. Finally, the JFrog Platform helps accelerate AI/ML pipelines by treating models like a package, simplifying AI development and ensuring the success of initiatives.

    Contact JFrog at cloud@jfrog.com  for private offers on annual subscriptions, or visit <www.jfrog.com/pricing > for more information.

    The JFrog Platform is often leveraged to consolidate enterprise DevSecOps solutions for companies utilizing GitLab, Sonatype, Snyk, or Veracode, among other solutions. Key capabilities include:

    • Universal artifact management with JFrog Artifactory
    • Modern, holistic SCA with JFrog Xray
    • Contextual analysis of vulnerabilities with JFrog Advanced Security
    • Early blocking of malicious open source packages with JFrog Curation
    • Application risk governance with JFrog AppTrust
    • Control and govern AI/ML development with JFrog ML
    • Simplify model discovery and access with JFrog AI Catalog
    • AI-assisted remediation with Agentic Software Supply Chain Security
    • Real-time Kubernetes security monitoring with JFrog Runtime
    • Speed up secure software consumption with JFrog Distribution
    • IoT device management with JFrog Connect
    • Includes 24x7 Support and in-region 99.99% uptime SLA, plus an assigned support resource with regular touch points

    Highlights

    • 50+ natively supported package and file types, including ML models and generic repositories.
    • Comprehensive, enterprise-grade security solution integrated across the entire SDLC, eliminating tool sprawl and alert fatigue. Go beyond scanning with contextual analysis and vulnerability prioritization, anti-tampering mechanisms, and signed provenance, ensuring best practices and compliance.
    • Fast, secure distribution of verified, multi-repository release bundles to sync large-scale geo-distributed teams and accelerate deployments to any target: SaaS, self-managed, or connected devices.

    Details

    Sold by

    Delivery method

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Buyer guide

    Gain valuable insights from real users who purchased this product, powered by PeerSpot.
    Buyer guide

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    JFrog Software Supply Chain Platform

     Info
    Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    1-month contract (2)

     Info
    Dimension
    Cost/month
    Pro
    $50.00
    Enterprise X
    $950.00

    Additional usage costs (1)

     Info

    The following dimensions are not included in the contract terms, which will be charged based on your usage.

    Dimension
    Cost/unit
    JFrog Consumption Unit
    $0.01

    Vendor refund policy

    Custom pricing options

    Request a private offer to receive a custom quote.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Support

    Vendor support

    24/7 SLA support service@jfrog.com 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    10
    In Continuous Integration and Continuous Delivery, Application Development, Security
    Top
    50
    In Agile Lifecycle Management
    Top
    10
    In Source Control

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    2 reviews
    Insufficient data
    Insufficient data
    Insufficient data
    Insufficient data
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Artifact Repository Management
    Universal artifact management supporting 50+ natively supported package and file types, including ML models and generic repositories.
    Software Composition Analysis
    Modern, holistic software composition analysis with contextual vulnerability analysis and prioritization across the software development lifecycle.
    Supply Chain Security Governance
    Application risk governance with evidence-based policy enforcement, anti-tampering mechanisms, and signed provenance across the entire software development lifecycle.
    Secure Artifact Distribution
    Fast, secure distribution of verified, multi-repository release bundles with geo-distributed synchronization capabilities to multiple deployment targets.
    AI-Powered Predictive Analytics
    Generate predictive insights across the software lifecycle to enable data-driven decision making and smarter software investments.
    Unified DevOps and Security Integration
    Integrate DevOps and security capabilities across the full software lifecycle to enable continuous delivery with built-in protections against tampering, reverse-engineering, and application-based attack vectors.
    Enterprise Agile Planning and Scaling
    Scale agile practices across all organizational levels from individual teams to entire product portfolios with consistency and efficiency.
    Multi-Environment Application Deployment
    Deploy applications to any target environment including mainframes, virtual machines, containers, and cloud platforms with support for thousands of simultaneous deployments and automatic rollback capabilities.
    Continuous Testing at Scale
    Enable enterprise-level testing with increased test coverage across web and mobile applications to deliver high-quality, error-free software.
    Universal Package Format Support
    Support for 30 package formats enabling organizations to create a single source of truth for artifact management across diverse software types.
    Dependency Firewall with Vulnerability Scanning
    Caching of packages from open-source repositories with vulnerability scanning and policy compliance validation before distribution to developers.
    Zero Trust Security Architecture
    Automated zero-trust workflows across services, teams and users for controlling software intellectual property and mitigating risks.
    Cloud-Native Global Distribution
    Fully managed, cloud-native architecture optimized for fast and reliable artifact delivery across distributed teams and geographic locations.
    ISO27001 Accreditation and Access Control
    ISO27001 accredited platform with comprehensive access management, compliance enforcement and security best practices implementation.

    Contract

     Info
    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    4.2
    153 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    52%
    42%
    4%
    1%
    1%
    6 AWS reviews
    |
    147 external reviews
    External reviews are from G2  and PeerSpot .
    Elsa L.

    Centralized Artifacts, Smooth Deployments, and Reliable CI/CD with JFrog

    Reviewed on Jul 05, 2026
    Review provided by G2
    What do you like best about the product?
    What I like most about JFrog is how it centralizes everything related to software packages and artifacts in one place. That consolidation has made our release process far more organized and dependable. Instead of juggling packages across multiple repositories, we can store, version, and distribute them from a single platform, which makes deployments noticeably smoother.

    A feature I rely on often is Artifactory’s support for multiple package formats. Whether we’re working with Docker images, Maven, npm, or other package types, it all gets handled in a consistent way. Integrating it with our CI/CD pipeline was also straightforward, and once it was connected, it automated a lot of the manual steps we used to do ourselves. As a result, we’ve saved time and seen fewer deployment mistakes.

    From a UI standpoint, the interface feels clean and easy to navigate. Finding artifacts, checking versions, and managing repositories doesn’t require digging through complicated menus, which is especially useful when we’re troubleshooting build issues.

    Performance has been strong as well. Uploads and downloads are fast, and we’ve rarely run into downtime or delays, even when multiple developers are working at the same time. That level of reliability gives us more confidence during releases.

    I’ve also appreciated the documentation and onboarding experience. There are plenty of guides and examples, so getting started wasn’t difficult, and when we’ve needed support, the responses have been helpful and knowledgeable.

    Another feature that has added value is JFrog’s AI-powered security and intelligence capabilities. The platform helps surface vulnerabilities and provides useful insights into dependencies, making it easier to identify potential risks early in the development lifecycle instead of discovering them later during deployment.

    One unexpected benefit has been improved traceability. Being able to quickly see where artifacts came from, which versions were deployed, and how everything ties together has made debugging and auditing much easier than it used to be.

    Overall, JFrog has streamlined our development workflow, improved collaboration across the team, and reduced the time we spend managing artifacts manually. While it’s a premium product, the time savings, automation, reliability, and intelligent security insights have made it a worthwhile investment for our team.
    What do you dislike about the product?
    JFrog is a powerful platform, but it does have a fairly steep learning curve, especially when configuring advanced features. While the UI is clean, some settings could be more intuitive.

    The pricing can also be high for smaller teams, and the AI-powered features, while useful, could provide more proactive recommendations and automation. Improving onboarding, simplifying advanced workflows, and enhancing the AI capabilities would make the overall experience even better.
    What problems is the product solving and how is that benefiting you?
    JFrog helps us centralize artifact management and automate our software delivery process. Instead of managing packages across multiple repositories, everything is stored, versioned, and distributed from a single platform, which makes deployments more reliable and reduces manual work.

    It has also improved collaboration across our development team, made it easier to track artifact versions, and helped identify security issues earlier in the development lifecycle. Overall, it's saved us time, reduced deployment errors, and made our release process much more efficient.
    Dilraj S.

    Reliable, Smooth Artifact Management That Stabilizes CI/CD

    Reviewed on Jul 02, 2026
    Review provided by G2
    What do you like best about the product?
    What I like most about JFrog is how reliable it is and how smoothly it handles artifact management. It keeps dependency management and our CI/CD pipelines more stable and predictable, which makes day-to-day work easier.
    What do you dislike about the product?
    One thing I dislike is that JFrog can feel a bit complex when you’re first setting it up and configuring it. It offers a lot of features, but it can take some time to fully understand how they work and to optimize your configuration.
    What problems is the product solving and how is that benefiting you?
    JFrog addresses the challenge of managing and distributing software artifacts in a reliable, centralized way. By providing a single source of truth for binaries, it reduces confusion around versioning and dependencies. For me, this translates into more consistent builds and fewer deployment issues that come from missing or mismatched dependencies.
    Harshal P.

    Reliable, Scalable Artifact Management with Broad Package Manager Support

    Reviewed on Jul 02, 2026
    Review provided by G2
    What do you like best about the product?
    JFrog delivers an exceptionally reliable, centralized artifact repository management system that scales smoothly alongside enterprise CI/CD pipelines. What really sets it apart is its strong, native support for a wide range of package managers—such as Docker, npm, Maven, PyPI, and NuGet—so development teams can rely on a single, unified source of truth for all binary builds. In addition, its seamless integration with automated security and compliance scanning tools helps ensure dependencies are thoroughly checked for vulnerabilities well before they reach production, which significantly increases overall confidence in deployments.
    What do you dislike about the product?
    As artifact storage scales, licensing and infrastructure costs can become quite high, often requiring significant compute resources and strict cleanup policies to avoid storage bloat. On top of that, the artifact search can feel slow when you’re working with very large repositories, and multi-region replication sometimes experiences minor synchronization delays that can temporarily slow down localized CI/CD pipelines.
    What problems is the product solving and how is that benefiting you?
    JFrog is a centralized, highly reliable binary repository manager that helps streamline our CI/CD pipelines. It solves the problem of fragmented dependency management by securely hosting our internal artifacts and caching third-party packages in one place. As a result, we get consistent, reproducible builds across multiple development teams, and our build times are significantly reduced. On top of that, its robust access controls and integrations with security scanning tools help us identify and remediate vulnerabilities early in the development lifecycle, supporting overall software integrity.
    ANSHU R.

    Reliable and Scalable for CI/CD Workflows

    Reviewed on Jun 15, 2026
    Review provided by G2
    What do you like best about the product?
    I like JFrog for its ability to centralize artifact management and integrate seamlessly with CI/CD workflows. The artifact traceability is extremely valuable because it helps us quickly identify which build version was deployed, reducing troubleshooting time during incidents. JFrog is reliable, scalable, and makes release management more organized across multiple environments. The platform improves deployment reliability and version consistency, and it is a valuable solution for teams managing modern DevOps workflows.
    What do you dislike about the product?
    One area that could be improved is the learning curve for new users. Some administrative configurations and advanced repository management features can be complex to understand initially. Additionally, troubleshooting permission-related issues sometimes requires deeper knowledge of the platform. More guided documentation and simplified onboarding for new users would make adoption easier.
    What problems is the product solving and how is that benefiting you?
    JFrog centralizes artifact management, integrates with our CI/CD pipelines, ensures deployment consistency, and improves artifact traceability across releases, making troubleshooting and release management easier.
    Saurabh B.

    Effective Version Management, Needs Improved Pricing

    Reviewed on Jun 13, 2026
    Review provided by G2
    What do you like best about the product?
    I find the experience with JFrog fine as of now. I use it for handling images and specifically for taking the immediate made of the newer version and working back, which is helpful for the tasks I do. The initial setup was quite easy and we didn't face any difficulty.
    What do you dislike about the product?
    Your work on pricing. You can work on a subscription plan, because it is highly expensive for startups, individual developers, and smaller organizations. I want you to make it a smart input for small startups. Also, you can introduce a modern UI in your JSON so that it will be better.
    What problems is the product solving and how is that benefiting you?
    I use JFrog for managing variables for a newer version of our product, saving data, and adding new engines.
    View all reviews