JFrog Artifactory serves as our main tool for managing and distributing software artifacts across our deployment pipelines. We use it primarily for storing, versioning, and securely sharing binaries, Docker images, and dependencies across multiple client environments, ensuring consistent builds and faster release cycles.

In a recent project, we used JFrog Artifactory to manage Docker images and dependencies for a multi-service application deployment across several client environments. By pulling versioned artifacts directly from JFrog Artifactory, we ensure consistent builds, faster deployments, and reduced errors, which helped the team deliver updates reliably across both cloud and on-premises systems.

We also use JFrog Artifactory for dependency management and release promotion, moving artifacts from deployment to QA to production in a controlled, versioned way. This streamlines CI pipelines, ensures traceability, and reduces deployment errors across multiple clients.

The best features JFrog Artifactory offers are the universal artifact repository, versioning and immutability, secure access control and permissions, Docker and Helm registry support, artifact promotion workflows, high availability, and scalability.

The universal artifact repository in JFrog Artifactory lets us store and manage all types of artifacts, Docker images, binaries, and dependencies in one place, which simplifies CI/CD pipelines across multiple client environments. Secure access control ensures only authorized users and CI/CD jobs can access or deploy artifacts, reducing the risk of accidental overwrites or unauthorized deployments. For example, during a recent multi-client release, this setup ensured consistent builds and prevented deployment errors, even across different cloud and on-premises environments.

JFrog Artifactory has streamlined our build and deployment process across multiple clients and environments. We have seen faster, more reliable releases, reduced build errors, and improved JFrog Artifactory traceability, which helps with auditing and compliance. Overall, it has saved time in CI/CD pipelines and ensured consistency across cloud and on-premises deployments.

JFrog Artifactory could be improved with a more intuitive user interface and faster search capabilities, especially when managing large multi-client repositories. Setup and configuration for multi-tenant environments can be complex, and better out-of-the-box monitoring and alerting features would help reduce operational work overhead.

Faster replication for global deployments and more native integration with security scanning tools would be helpful.

I have been using JFrog Artifactory for three years.

JFrog Artifactory is stable.

JFrog Artifactory is scalable from small and medium enterprises to larger enterprises and very large enterprises.

My overall experience with JFrog Artifactory's customer support has been good for standard issues with reasonable quick responses and helpful guidance. However, when there are complex or multi-cloud deployment issues, resolution sometimes takes a longer time.

Positive

Previously, we used a combination of local artifact repository and manual versioning, which was prone to errors and inconsistent builds. We switched to JFrog Artifactory because it provides centralized artifact management, version control, CI/CD integration, and better reliability across multi-client environments.

The initial setup was good, but it took a lot of time to complete.

We have clearly seen a return on investment with JFrog Artifactory. Due to its centralized artifact management, which has reduced build and deployment times by twenty percent, prevented multiple rollback incidents, and freed our team from manually managing dependencies, saving several hours per week. For example, during a recent multi-service deployment across several client environments, consistent artifact versioning eliminated five potential errors, ensuring a smooth and reliable release.

JFrog Artifactory pricing and licensing are enterprise-level, which means it is relatively costly, especially for high availability and replication across regions.

We evaluated other options such as GitHub Packages and Nexus Repository Manager. We chose JFrog Artifactory because it offered the broadest universal artifact support and better scalability for multiple client hybrid cloud environments.

I would rate JFrog Artifactory nine out of ten.

I chose nine out of ten because JFrog Artifactory greatly improved build consistency, CI/CD efficiency, and artifact traceability, which are critical across multiple client environments. I did not give it a perfect score of ten due to the user interface complexity, slower search in large repositories, and some setup challenges for multi-tenant deployments, which could be improved.

JFrog Artifactory should provide better documentation for advanced multi-client and multi-cloud setups, which would also reduce time and troubleshooting effort.

I would recommend that you plan your repository structure, take advantage of versioning and artifact promotion, and access control to ensure consistent builds and secure releases. Also, prepare for initial setup effort in multi-client or multi-cloud environments to maximize efficiency and reliability.

My main use case for JFrog Artifactory is to store packages, usually Docker images, but I have also worked with teams who have used it to store their Maven packages and NPM packages. After I use a Dockerfile to build a Docker image, I use JFrog Artifactory to store the Docker image by pushing it from my local machine to Artifactory. When I create new versions of the Docker image, I also push those up. JFrog Artifactory is integrated with my CI/CD pipelines within Jenkins, where the image is pulled from JFrog Artifactory and then deployed with the application being built.

The best features JFrog Artifactory offers include its universal capability to handle any package format commonly used, allowing the front-end team, back-end team, and DevOps team to use it. I also appreciate the ability to attach custom properties to artifacts, which I have used to tag artifacts as approved for production release or whether they have been scanned by certain software as true or false.

Universal package support and custom properties help my team day-to-day by making us more efficient, as we have one tool with which all engineering teams can interact regardless of their team. This makes it very easy for people to find the artifacts, understand the naming conventions, and know where they are stored, saving us time and reducing complexity in managing different packages and potentially different artifact storage systems.

JFrog Artifactory has positively impacted our organization by making us more efficient through using one system for storing all binaries and artifacts. It has also enhanced security because of the tagging feature, ensuring that in our CI/CD pipelines, artifacts will only get deployed if they are marked with the correct tags, providing an additional check to prevent deployment, which is beneficial.

In terms of improvement, self-hosting JFrog Artifactory can be complicated since you have to manage the database and storage back end as well as upgrades, which requires a bit of a learning curve. Although I find the documentation quite useful from JFrog, it is still complicated, and the licensing complexity is definitely a problem as it is somewhat expensive compared to other artifact storages like Amazon ECR or Google Artifact Registry.

While the integrations are very good, which I consider a benefit of using JFrog Artifactory, the maintenance toil can be a little complex, especially if you are using a self-hosted tool. Your team would have to be responsible and understand that it will require significantly more effort than using a cloud-managed storage solution.

I have been working in my current field for five to ten years.

JFrog Artifactory is stable and is a well-built piece of software. If you are self-hosting it, you also have to ensure that you maintain its stability with frequent updates and by correctly managing the machines, so it is a mutual effort required to maintain stability both from JFrog and the entity hosting it.

In terms of scalability, JFrog Artifactory is very good, as you can host it on a gigantic machine if you need to use it in a very powerful way or you could deploy it on a very small machine if you want to use it only for one engineering team.

I have never interacted with customer support before since I have never had to. However, their documentation, which I suppose falls under that umbrella, is very good.

Neutral

This was the original solution I used in this category of artifact storage systems. Although I also used Google Artifact Registry at the same time, I find it a little easier and cheaper. The limitation of using that solution is that it works very well with Google services but can be more complex when linking to other clouds. JFrog Artifactory is more useful as a multi-cloud system. If an organization were to use only one cloud, they would probably prefer the cloud provider's own artifact storage system.

We have seen a return on investment. However, I would not say that it saves time, as it is more of a necessary feature for modern engineering teams to have a certain place to store their artifacts. In terms of money saved, I would say this is not really applicable since it does cost money to use and does not save money. It is more of a necessary tool than one that generates a financial or speed-related return on investment.

The price is expensive. JFrog Artifactory is a best-in-class solution for artifact storage, so it is going to be more expensive. However, I do believe it is quite expensive for what it is, especially considering the many alternatives available in the marketplace right now.

The complexity of managing the tool and the high cost prevent it from being a ten, especially considering there are cloud-native alternatives that are cheaper and easier to use. Those alternatives may be specific to a particular cloud provider, making it more challenging to link with other clouds, which is something that JFrog Artifactory does well. However, it still remains more expensive and complex to use.

I would recommend that if you are using multiple clouds, JFrog Artifactory could be a good tool to use. If you are using just one cloud, you probably would not want to use it since it is more complex to set up and can potentially be more expensive as well.

From a security perspective, organizations can quite easily see a ten to twenty percent improvement in overall security because of deploying only secure artifacts that have been tagged correctly. Organizations might even see better security improvement. I would rate this review a nine.

My main use case for JFrog Artifactory involves integrations such as Amazon RDS, Amazon EBS, and CloudWatch, which generally help me improve our processes. It is a standard artifactory that helps me scale enterprise workloads, especially when building high-volume pipelines or managing multiple projects to ensure reliability. Additionally, DevSecOps automation is where JFrog Artifactory comes into play.

A specific example of how I use JFrog Artifactory in one of my projects involved a project where we had several artifacts on our AWS S3 buckets and a hard dependency on AWS's security competency. JFrog Artifactory helped us achieve that because it has DevSecOps automation capabilities that assist in preventing modern-day supply chain hacking and cybersecurity attacks, making those integrations with AWS particularly valuable.

I do not have anything else to add about my main use case or that project without breaching confidentiality.

JFrog Artifactory has positively impacted my organization by initially being part of two vertical divisions and later extending to four or five verticals as positive stories were shared. Thus, it has had a good positive impact.

As for specific outcomes about the positive impact from expanding to four or five verticals, we have achieved faster deployment speeds, faster time to market, and lower pipeline failure rates. These were the key metrics monitored mostly by the DevOps and NOC teams, while I had limited involvement with those metrics.

The best features JFrog Artifactory offers include automating dependency management, which reduces the risks of failing builds and broken builds, making the CD pipelines much smoother when I use JFrog Artifactory with AWS CodeBuild or EKS-based CI runners. I really appreciate the security competency aspects because it helps me ensure that JFrog Artifactory meets the requirements for the supply chain, and I find both of these features very useful.

Regarding improvements for JFrog Artifactory, I remember that the documentation was more focused on the on-premises JFrog version. I was mostly redirected toward that, so I found a lack of specific or clear documentation on using JFrog Artifactory with AWS. I felt this gap two years ago, and there were capabilities such as X-ray or integrations with other AWS features that I found lacking at the time.

I do not have much more to say about the needed improvements in integration or documentation, but I want to mention that, coming from a quality background, I think built-in quality gates for intelligent automation, vulnerability checks, or improved visibility and communication during slow responses or service downtime would be useful for visibility in distributed environments.

Looking back, I think the learning curve for JFrog Artifactory could be eased, and the installation process could feel less overwhelming. While it is not that difficult, I have seen new joiners struggle with the initial setup.

I think JFrog Artifactory could improve with some UX revamps since many tools these days provide very intuitive user experiences, and I believe that could be something to look into for the future.

I have used JFrog Artifactory across multiple jobs, so my total experience would be more than three years.

In my experience, JFrog Artifactory is quite stable.

The scalability of JFrog Artifactory was decent for our organization of 2,500 people, as we used it across three or four verticals, but my exposure to scalability was limited due to my QA background.

I do not recall using a different solution before JFrog Artifactory. It was JFrog on-premises, and later, JFrog Artifactory on AWS, which is all my organization has used.

Before choosing JFrog Artifactory, we evaluated some options such as GitLab packages, which were somewhat relevant, and I would not say they were direct alternatives. We also used a package repository called Cloudsmith and Docker Hub at different stages. While these might not be direct competitors, they were tools I have used.

My advice for others looking into using JFrog Artifactory would be to work with someone who has previously set up and onboarded themselves on JFrog Artifactory because it might be challenging for first-timers. I would not recommend the official documentation but suggest using blogs or guides created by the community instead. For places such as banks or financial institutions, I would recommend ensuring there are more security features as security is a high focus. I would rate this product highly based on my overall experience with JFrog Artifactory.

Our main use case for JFrog Artifactory is for Maven builds and Docker images as an artifactory support, so anytime someone builds an image or creates a Maven build, we upload it to JFrog Artifactory. We use it for Maven builds, Docker builds, and for our CI/CD.

JFrog Artifactory has positively impacted our organization by ensuring that unified package management is happening at a central place, which has been helpful for our distributed service mesh because otherwise, everyone would be rebuilding their own versions of the central package, eventually leading to problems. Unified management is welcoming.

Better consistency across services is perhaps the bigger point we have seen as an outcome. Once a new service goes in or a new build for any existing service goes in, we are at least certain that it is picking up the latest code that we had pushed to the central package, ensuring that if an observability fix or security fix went in, we just need to ensure a rebuild happened on all services after that build and it is now reflecting.

The best features JFrog Artifactory offers are a unified store for our builds, Docker, and everything, and its integration into CI/CD, which is quite smooth for us as we are using it across several different repositories and two different package types including Go and Java Spring Boot.

The integration of JFrog Artifactory into our CI/CD has been smooth because the documentation was pretty clear on how we had to do it. We did not have any issues since, and I was well aware of when it was happening, so the part that stood out was the clear documentation that I think was available online.

JFrog Artifactory could be improved for simpler workflows without dedicated infra teams or dedicated DevOps, as it could be difficult to configure. For us, it was slightly easier because we have a lot of senior engineers and people with CI/CD experience, but it could be slightly problematic in those cases.

I have been using JFrog Artifactory for about three months since we configured it.

JFrog Artifactory has been stable for us.

JFrog Artifactory's scalability has been good as we have 14 to 15 services today, and it will increase to maybe 30 over the next few months. We have not had any issues so far.

I have not interacted with customer support yet.

Negative

We did not previously use a different solution because we started with JFrog Artifactory itself.

JFrog Artifactory is deployed in our organization on our VPN right now, so it is on the private cloud. We purchased JFrog Artifactory through the AWS Marketplace.

I was not involved in the licensing and pricing part, but the setup cost was I think one or two days, so whatever engineers were required, it was about the specific pay for those two days.

The return on investment has been more on productivity, although we have not quantified it, so there are no metrics to share.

I was not involved in the licensing and pricing part, but the setup cost was I think one or two days, so whatever engineers were required, it was about the specific pay for those two days.

Before choosing JFrog Artifactory, we evaluated Nexus and JFrog, but we realized JFrog Artifactory is slightly better because Nexus does not provide that smoother experience for CI/CD and for Java Maven builds, so that is why we went ahead with JFrog Artifactory.

If you have some Maven builds or Gradle builds and Docker repositories that you want to store at a central place, JFrog Artifactory can be a solution one can look into. It should be one of those options that you evaluate. I give this review an overall rating of 9.

JFrog Artifactory is designed for software management. We used it for storing all assets and packages that were downloaded from external package systems, making them available for our development teams to use in their builds.

It primarily supported a fail-fast approach, where vulnerabilities were identified ahead of time, enabling us to alert our development team to use the latest packages without those vulnerabilities.

JFrog Artifactory proved very helpful in supporting a variety of package types for different projects.

The best features of JFrog Artifactory include the core functionality of package management and software management, along with scanning capabilities to prevent vulnerabilities from being introduced.

The metadata management feature was particularly useful for managing packages within JFrog Artifactory.

We utilized Xray integration with JFrog Artifactory, which was instrumental in managing vulnerabilities overall.

JFrog Artifactory has robust functionality in terms of access control, which helped us ensure minimal access to various artifacts.

I would rate it eight out of ten because it is a great product that is widely used in the industry. It has excellent features from an artifact management perspective and maintains good integrations.

JFrog could improve this product with tighter integration capabilities.

I used JFrog Artifactory in the last twelve months.

I would rate their support for JFrog Artifactory as seven out of ten.

Positive

I am no longer using JFrog Artifactory in my current role as I moved away from the team. The metadata management features were very useful, particularly for managing packages inside JFrog Artifactory. We were customers of JFrog. Based on my experience, I would rate JFrog Artifactory eight out of ten.