AI security has an economic shape. We publish it.
As AI moves into the SDLC, the economics of security shift in measurable ways. Defensive-labour pricing, vendor concentration, breach cost, regulatory burden, sovereign-deployment cost — Safeguard publishes its perspective on every one of these so customers and policymakers can read the same numbers we do.
What we track and publish.
Defensive-engineering hour pricing
Hourly cost trends for AppSec, SecEng, and pentest labour across major regions, with year-on-year deltas.
Breach-cost benchmarks by industry
From public-disclosure aggregates plus our anonymised customer telemetry (opt-in only). Sliced by industry and incident class.
Vendor concentration risk
Concentration indices for software supply chain dependencies. Surface load-bearing OSS libs that quietly underpin a sector.
Sovereign-deployment cost-curve
Cost trajectory for full Griffin lineup on customer-controlled GPU vs commercial cloud. Updated as hardware prices shift.
Per-inference carbon footprint
Watts-per-inference for each Griffin variant + Eagle + Lion. Published per release; tracked over time.
Regulatory-burden index
Hours per quarter a typical enterprise spends on supply-chain regulatory evidence. Broken down by framework (SOC 2, DORA, NIS2, EO 14028, DPDP).
Published reports + datasets.
The cost of false positives — 2026 update
Q2 2026Quantitative analysis of the financial impact of false-positive triage at portfolio scale. New for 2026: AI-augmented triage cost-curves.
Read full reportSoftware supply chain regulator burden index
Q1 2026First annual measurement of regulatory evidence-collection burden across major jurisdictions. Methodology + raw aggregates.
Read full reportAI inference carbon per security task
Q4 2025Per-variant inference energy use vs general-purpose LLM baseline on the same security workloads. Carbon-cost translation by region.
Read full reportConcentration risk in OSS supply chains
Q3 2025Identified the 50 OSS libraries most concentrated in load-bearing positions across financial-services, healthcare, and SaaS.
Read full reportMethodology + open-data programme.
Methodology + raw aggregates are published on a quarterly cadence. Customer participation is opt-in and individually anonymised — no per-customer attribution appears in any release. Aggregated anonymised data sets are released on a Creative Commons licence (CC BY 4.0) for academic and regulator use. Contact research@safeguard.sh for the data dictionary or to discuss participation.
Want to participate?
Opt-in customer cohorts, academic partnerships, and regulator briefings. Email research@safeguard.sh.