1B+ scans completed
Cumulative scan volume across SBOMs, container images, source repos, manifests, and live runtime agents — across every customer tenant, every region, since Safeguard launched.
By scan type
Where the volume comes from — SBOMs lead, container images follow.
How scans are counted
One scan = one signed attestation. Every scan emits an in-toto attestation signed by the regional cluster's Sigstore identity. The 1B+ figure is the cumulative count of those attestations across all tenants since the platform launched.
Re-scans count. A package re-scanned after a new CVE lands counts as a new scan — that's the work being done. Continuous monitoring drives most of the volume; spot scans are a small fraction.
Customer attribution is hashed. The aggregate count is global; per-customer counts stay in each customer's tenant. Nothing is cross-attributed in the public number.