Six standing initiatives that exist outside the commercial product. They are funded by the company, run on published cadences, and reported on in the quarterly transparency note. Some are years long. None of them are marketing.
Each initiative lists its goal, current status, and the outcome it is on the hook for. If we miss the outcome, the miss is reported in the transparency note.
Goal: Make Safeguard free for the maintainers our customers depend on.
Any open-source project that crosses 1,000 stars gets the full Safeguard stack — Griffin reasoning, Eagle triage, Lino inline, the policy gate — at no cost, for the lifetime of the project. Maintainers do not have to negotiate, justify revenue, or sign a use-case attestation. The supply chain runs on their unpaid labour; the least we can do is not charge them for the tools to defend it.
Outcome
Free, indefinite access to the full platform for qualifying OSS projects.
Goal: Fund independent security research on supply-chain and AI-security topics.
Small grants — typically enough to cover a researcher's compute, lab time, and a quarter of focused work — for independent investigators working on the topics we care about: build-system attacks, model-supply-chain risk, dependency-confusion classes, novel adversarial vectors. No employment, no IP claims, no embargo on publication. We back the work and publish what the researcher publishes.
Outcome
Funded independent research; results published openly, no IP claim.
Goal: Free access for accredited universities and CTF teams.
Full Safeguard access for accredited universities, recognised capture-the-flag teams, and degree-track security curricula. Lab-mode tenants with synthetic data; full reasoning traces enabled; published curriculum materials. The students using this today are the security engineers who will defend the supply chain tomorrow — pricing them out of the tooling that the industry runs on is short-sighted.
Outcome
Free tenants, lab data, and curriculum materials for accredited programmes.
Goal: Bring full Griffin Zero parity to sovereign customers.
A multi-year programme to bring full Griffin Zero capability — the same weights, the same training recipe, the same reasoning depth — to sovereign and air-gapped deployments. Includes hardware-level provenance, customer-controlled key material, in-country training and fine-tuning options, and the operational tooling to make a fully sovereign deployment routine rather than a one-off.
Outcome
Sovereign customers receive the full model lineup, not a cut-down tier.
Goal: Industry alignment on responsible-disclosure SLAs and shared maintainer infrastructure.
An invitation to other security vendors — including direct competitors — to align on a common coordinated-disclosure SLA, a shared maintainer mailbox protocol, and a single canonical place for OSS maintainers to receive vulnerability reports without burning out under the inbox. Defensive security is not a zero-sum game; the maintainers we all rely on should not have to triage seven vendor reports for the same CVE.
Outcome
Shared SLA + shared maintainer mailbox infrastructure across participating vendors.
Goal: Publish carbon-per-inference numbers per Griffin variant.
Per-variant carbon-per-inference figures for the Griffin, Eagle, and Lino families, measured from actual inference fleets and published on a quarterly cadence with methodology notes. We do this because the industry is opaque about the compute cost of AI inference, and security AI is no exception. If a customer wants to optimise for footprint as well as latency, they should have the numbers to do it.
Outcome
Quarterly published carbon-per-inference figures with full methodology.
Response SLAs are five business days on each channel. Decisions, accepted or declined, are explained in writing.
Quarterly intake. Proposals reviewed by a rotating committee.
Qualifying projects email the OSS team for instant enrolment.
University, CTF, and curriculum applications.
Vendors interested in joining the co-op contact the co-op desk.
What our research teams are working on, and what they have published.
Open-source projects we maintain or back, including the maintainer programme.
Education programmes, certifications, and free university access.
Public commitments that bind the company's behaviour.