Sold by: JFrog
Deployed on AWS
The only platform to give you end-to-end visibility, security, and control
for automating delivery of trusted releases.
4.2
Overview
Trusted by millions of developers, engineers, architects, and security professionals at thousands of enterprises, including the majority of the Fortune 100, the cloud-native JFrog Software Supply Chain Platform is the single source of truth for all software packages, data, and ML models utilized and generated in the development process.
The JFrog Platform on AWS manages all software inputs and outputs, providing organizations with complete visibility across their supply chain. This flexible, massively scalable, and hybrid platform helps improve developer efficiency by reducing wait times from builds to security scans. It allows organizations to take to the clouds with agility, leveraging both managed and self-managed instances. Critically, it enables teams to manage application risk end-to-end by applying evidence-based policies across the SDLC. Finally, the JFrog Platform helps accelerate AI/ML pipelines by treating models like a package, simplifying AI development and ensuring the success of initiatives.
Contact JFrog at cloud@jfrog.com for private offers on annual subscriptions, or visit <www.jfrog.com/pricing > for more information.
The JFrog Platform is often leveraged to consolidate enterprise DevSecOps solutions for companies utilizing GitLab, Sonatype, Snyk, or Veracode, among other solutions. Key capabilities include:
- Universal artifact management with JFrog Artifactory
- Modern, holistic SCA with JFrog Xray
- Contextual analysis of vulnerabilities with JFrog Advanced Security
- Early blocking of malicious open source packages with JFrog Curation
- Application risk governance with JFrog AppTrust
- Control and govern AI/ML development with JFrog ML
- Simplify model discovery and access with JFrog AI Catalog
- AI-assisted remediation with Agentic Software Supply Chain Security
- Real-time Kubernetes security monitoring with JFrog Runtime
- Speed up secure software consumption with JFrog Distribution
- IoT device management with JFrog Connect
- Includes 24x7 Support and in-region 99.99% uptime SLA, plus an assigned support resource with regular touch points
Highlights
- 50+ natively supported package and file types, including ML models and generic repositories.
- Comprehensive, enterprise-grade security solution integrated across the entire SDLC, eliminating tool sprawl and alert fatigue. Go beyond scanning with contextual analysis and vulnerability prioritization, anti-tampering mechanisms, and signed provenance, ensuring best practices and compliance.
- Fast, secure distribution of verified, multi-repository release bundles to sync large-scale geo-distributed teams and accelerate deployments to any target: SaaS, self-managed, or connected devices.
Details
Sold by
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/month |
|---|---|
Pro | $150.00 |
Enterprise X | $950.00 |
Dimension | Cost/unit |
|---|---|
JFrog Consumption Unit | $0.01 |
Vendor refund policy
Contact service@jfrog.com
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
24/7 SLA support service@jfrog.com
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Digital.ai
By Cloudsmith
Top
10
In Continuous Integration and Continuous Delivery, Application Development, Security
Top
50
In Agile Lifecycle Management
Top
10
In Source Control
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Artifact Repository Management
Universal artifact management supporting 50+ natively supported package and file types, including ML models and generic repositories.
Software Composition Analysis
Modern, holistic software composition analysis with contextual vulnerability analysis and prioritization across the software development lifecycle.
Supply Chain Security Governance
Application risk governance with evidence-based policy enforcement, anti-tampering mechanisms, and signed provenance across the entire software development lifecycle.
Secure Artifact Distribution
Fast, secure distribution of verified, multi-repository release bundles with geo-distributed synchronization capabilities to multiple deployment targets.
AI-Powered Predictive Analytics
Generate predictive insights across the software lifecycle to enable data-driven decision making and smarter software investments.
Unified DevOps and Security Integration
Integrate DevOps and security capabilities across the full software lifecycle to enable continuous delivery with built-in protections against tampering, reverse-engineering, and application-based attack vectors.
Enterprise Agile Planning and Scaling
Scale agile practices across all organizational levels from individual teams to entire product portfolios with consistency and efficiency.
Multi-Environment Application Deployment
Deploy applications to any target environment including mainframes, virtual machines, containers, and cloud platforms with support for thousands of simultaneous deployments and automatic rollback capabilities.
Continuous Testing at Scale
Enable enterprise-level testing with increased test coverage across web and mobile applications to deliver high-quality, error-free software.
Universal Package Format Support
Support for 30 package formats enabling organizations to create a single source of truth for artifact management across diverse software types.
Dependency Firewall with Vulnerability Scanning
Caching of packages from open-source repositories with vulnerability scanning and policy compliance validation before distribution to developers.
Zero Trust Security Architecture
Automated zero-trust workflows across services, teams and users for controlling software intellectual property and mitigating risks.
Cloud-Native Global Distribution
Fully managed, cloud-native architecture optimized for fast and reliable artifact delivery across distributed teams and geographic locations.
ISO27001 Accreditation and Access Control
ISO27001 accredited platform with comprehensive access management, compliance enforcement and security best practices implementation.
Standard contract
No
No
No
Customer reviews
Ugnius A.
Streamlined Dependency Management with Robust Features
Reviewed on Mar 04, 2026
Review provided by G2
What do you like best about the product?
I use JFrog mainly as an artifactory for Docker images and npm packages. I love its universal package management, and my favorite feature is virtual repositories, which provide my team with a single URL for all our dependencies. I really appreciate how well JFrog integrates with the rest of our 2026 stack, especially GitHub Copilot. JFrog's curation is excellent for blocking malicious zero-day packages before they can even hit our local cache. Using the JFrog app for GitHub, I can link my source code directly to the final binary, making traceability automatic. The 2026 stack integration allows me to see security alerts directly in my IDE, so I don't have to switch to a dashboard. Lastly, the technical setup through Docker was a breeze.
What do you dislike about the product?
I dislike the false positives and high entry fee. The configuration setup was a bit of a maze.
What problems is the product solving and how is that benefiting you?
I use JFrog to prevent outages by caching dependencies and solving 'worked on my machine' issues with binary linking to commits. It integrates well with my stack, blocks malicious packages, and streamlines dependency management with virtual repositories.
Mohamed A.
Simplifies DevOps with Security, But Setup Needs Work
Reviewed on Mar 04, 2026
Review provided by G2
What do you like best about the product?
I like how JFrog simplifies and secures the entire software delivery process. The platform brings together artifact management and security scanning and I appreciate how strongly it focuses on DevOps and automations. Having a single trusted source of dependencies removes a lot of friction instead of pulling packages from multiple external repositories, and the security scanning features add another layer of confidence.
What do you dislike about the product?
I don't like the complexity of setup and configuration, especially for large DevOps teams. Clearer onboarding and documentation for new users would really help since it took some time to figure out the initial configuration.
What problems is the product solving and how is that benefiting you?
I use JFrog to streamline the development and integration process. It simplifies and secures our software delivery, managing artifacts and conducting security scans, providing a single trusted source of dependencies and reducing friction by avoiding multiple external repositories.
Sefineh T.
Powerful for Packaging with Learning Curve Challenges
Reviewed on Mar 02, 2026
Review provided by G2
What do you like best about the product?
I like using JFrog for packaging projects because it helps ensure environment consistency, especially with Docker. This makes deploying my projects easy and professional. I also use it for automations.
What do you dislike about the product?
I find the complexity and learning curve challenging. It would be great if pre-configured templates were available. The initial setup was manageable but not plug and play.
What problems is the product solving and how is that benefiting you?
JFrog helps me package projects, making deployment easy and professional. It ensures environment consistency.
Sanooj Mananot
Centralized artifact caching has improved deployment speed and reduces cloud networking costs
Reviewed on Jan 23, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for JFrog Artifactory is to store Docker images and other build artifacts from our Java applications.
In our workflow, JFrog Artifactory acts as a centralized repository where we push all our artifacts, and being a SaaS company, we have a lot of releases happening very frequently. We also have a Kubernetes cluster where we run our worker nodes. As we release something, we ensure that it is stored and sent to the proper repository, in this case JFrog Artifactory, from where Kubernetes will pull and deploy those images.
What is most valuable?
The best features JFrog Artifactory offers include JQL, which is very helpful for finding particular artifacts that are older or identifying items that need to be cleaned up. We also appreciate the caching mechanism that allows us to cache images in different locations in our AWS infrastructure, ensuring that we do not always have to go to a central location but can fetch those artifacts from a nearby cached location.
JFrog Artifactory caching has improved our deployment speed and cost. In AWS , pulling an image from a cross-location incurs charges, and we run many jobs on an event basis, necessitating frequent image pulls from JFrog Artifactory. Since we operate in the same location, we end up paying less to our cloud provider by reducing the total network cross AZ network usage.
For usability, JQL is valuable, as it allows us to fetch particular artifacts and do cleanup efficiently.
JFrog Artifactory has positively impacted my organization, especially in terms of cost savings. We used to have a centralized repository, but with JFrog Artifactory, we can cache artifacts in different locations close to our production and development servers, significantly reducing costs.
What needs improvement?
Although JQL is a great tool, I have noticed that JQL queries can be hard to learn. A more user-friendly query language or improved UI would be beneficial, as the current UI requires deep technical knowledge for effective use.
For how long have I used the solution?
I have been using JFrog Artifactory for three years.
What do I think about the stability of the solution?
JFrog Artifactory has been stable in my experience.
What do I think about the scalability of the solution?
JFrog Artifactory is definitely highly scalable. When we deploy in serverless environments, especially ECS, JFrog Artifactory scales effectively to handle a lot of requests for serving images.
How are customer service and support?
I have not interacted with their support team, so I cannot comment on customer support.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
We initially used Amazon ECR , but it did not work well for us when scaling, which led us to switch to JFrog Artifactory, especially for multi-cloud stability.
How was the initial setup?
I purchased JFrog Artifactory through the AWS Marketplace .
What's my experience with pricing, setup cost, and licensing?
Although JFrog Artifactory is slightly high-priced, we are willing to pay for it because it is a critical part of our technology operations and DevOps processes. While there are free tools available, we find it worth the investment.
Which other solutions did I evaluate?
I evaluated ECR from Amazon before choosing JFrog Artifactory.
What other advice do I have?
JFrog Artifactory still has room for improvement, particularly with the user interface and documentation. However, JFrog Artifactory has helped us scale faster and is a highly available, robust artifact repository that boosts our confidence in production.
My advice for others considering JFrog Artifactory is to start with free tools available in the market. If you encounter bottlenecks while scaling, that is when you may need a dedicated tool like JFrog Artifactory. Larger companies will need a robust artifactory to ensure their production does not struggle.
My company does not have any business relationship with JFrog Artifactory other than being a customer. I rate JFrog Artifactory a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
SachinShelar
Centralized artifact workflows have improved multi-client releases and ensure consistent deployments
Reviewed on Jan 19, 2026
Review from a verified AWS customer
What is our primary use case?
JFrog Artifactory serves as our main tool for managing and distributing software artifacts across our deployment pipelines. We use it primarily for storing, versioning, and securely sharing binaries, Docker images, and dependencies across multiple client environments, ensuring consistent builds and faster release cycles.
In a recent project, we used JFrog Artifactory to manage Docker images and dependencies for a multi-service application deployment across several client environments. By pulling versioned artifacts directly from JFrog Artifactory, we ensure consistent builds, faster deployments, and reduced errors, which helped the team deliver updates reliably across both cloud and on-premises systems.
We also use JFrog Artifactory for dependency management and release promotion, moving artifacts from deployment to QA to production in a controlled, versioned way. This streamlines CI pipelines, ensures traceability, and reduces deployment errors across multiple clients.
What is most valuable?
The best features JFrog Artifactory offers are the universal artifact repository, versioning and immutability, secure access control and permissions, Docker and Helm registry support, artifact promotion workflows, high availability, and scalability.
The universal artifact repository in JFrog Artifactory lets us store and manage all types of artifacts, Docker images, binaries, and dependencies in one place, which simplifies CI/CD pipelines across multiple client environments. Secure access control ensures only authorized users and CI/CD jobs can access or deploy artifacts, reducing the risk of accidental overwrites or unauthorized deployments. For example, during a recent multi-client release, this setup ensured consistent builds and prevented deployment errors, even across different cloud and on-premises environments.
JFrog Artifactory has streamlined our build and deployment process across multiple clients and environments. We have seen faster, more reliable releases, reduced build errors, and improved JFrog Artifactory traceability, which helps with auditing and compliance. Overall, it has saved time in CI/CD pipelines and ensured consistency across cloud and on-premises deployments.
What needs improvement?
JFrog Artifactory could be improved with a more intuitive user interface and faster search capabilities, especially when managing large multi-client repositories. Setup and configuration for multi-tenant environments can be complex, and better out-of-the-box monitoring and alerting features would help reduce operational work overhead.
Faster replication for global deployments and more native integration with security scanning tools would be helpful.
For how long have I used the solution?
I have been using JFrog Artifactory for three years.
What do I think about the stability of the solution?
JFrog Artifactory is stable.
What do I think about the scalability of the solution?
JFrog Artifactory is scalable from small and medium enterprises to larger enterprises and very large enterprises.
How are customer service and support?
My overall experience with JFrog Artifactory's customer support has been good for standard issues with reasonable quick responses and helpful guidance. However, when there are complex or multi-cloud deployment issues, resolution sometimes takes a longer time.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, we used a combination of local artifact repository and manual versioning, which was prone to errors and inconsistent builds. We switched to JFrog Artifactory because it provides centralized artifact management, version control, CI/CD integration, and better reliability across multi-client environments.
How was the initial setup?
The initial setup was good, but it took a lot of time to complete.
What was our ROI?
We have clearly seen a return on investment with JFrog Artifactory. Due to its centralized artifact management, which has reduced build and deployment times by twenty percent, prevented multiple rollback incidents, and freed our team from manually managing dependencies, saving several hours per week. For example, during a recent multi-service deployment across several client environments, consistent artifact versioning eliminated five potential errors, ensuring a smooth and reliable release.
What's my experience with pricing, setup cost, and licensing?
JFrog Artifactory pricing and licensing are enterprise-level, which means it is relatively costly, especially for high availability and replication across regions.
Which other solutions did I evaluate?
We evaluated other options such as GitHub Packages and Nexus Repository Manager . We chose JFrog Artifactory because it offered the broadest universal artifact support and better scalability for multiple client hybrid cloud environments.
What other advice do I have?
I would rate JFrog Artifactory nine out of ten.
I chose nine out of ten because JFrog Artifactory greatly improved build consistency, CI/CD efficiency, and artifact traceability, which are critical across multiple client environments. I did not give it a perfect score of ten due to the user interface complexity, slower search in large repositories, and some setup challenges for multi-tenant deployments, which could be improved.
JFrog Artifactory should provide better documentation for advanced multi-client and multi-cloud setups, which would also reduce time and troubleshooting effort.
I would recommend that you plan your repository structure, take advantage of versioning and artifact promotion, and access control to ensure consistent builds and secure releases. Also, prepare for initial setup effort in multi-client or multi-cloud environments to maximize efficiency and reliability.
Which deployment model are you using for this solution?
Public Cloud