aisecurity.llc
Signals
A market thesis derived from a single source is an opinion. These five independent signal layers — research momentum, builder ecosystem, media coverage, vulnerability disclosures, and knowledge codification — each arrive at the same conclusion through entirely different mechanisms.
External signal layers
Five external validation sources
The report triangulates across seven signal layers: the ATS job corpus (what employers say they need), practitioner surveys (what practitioners are experiencing), and five external sources below. Each layer is independently collected and classified against the same AI security taxonomy. When all seven describe the same structural gap from different angles, the convergence is the argument — not the job descriptions alone.
arXiv Research Momentum
Time-series paper velocity, bucket share composition, and emerging-term acceleration from seeded arXiv metadata slices. ~903 unique papers analyzed.
Builder Ecosystem (GHArchive)
Open-source repo growth, contributor density, and event activity across AI security domains. 120 classified repos, 231K+ event proxies, 12K+ unique actors.
Media & Industry News
Aggregated RSS/Atom feed signals from major tech media, niche security outlets, and AI labs. 776K+ items classified across AI security taxonomy buckets.
Wikimedia Knowledge Graph
Semantic codification signal from Wikidata/Wikipedia-style artifacts. Directional mock baseline is now wired for cross-source timing analysis.
Vulnerability & Advisory Feed
NVD, GitHub Advisory, OSV, and CISA KEV records classified for AI/ML relevance. Tracking the gap between research discovery and public CVE disclosure.
Framework Intelligence
Metadata and crosswalk intelligence for MITRE ATLAS, NIST AI RMF, OWASP LLM Top 10, and related governance/compliance references.
Signal Convergence
Where all five signal layers independently agree. Cross-source topic scoring identifies the highest-confidence trends — topics where research, builders, media, and vulnerabilities converge.
Signal inventory
Skills, tools, and framework signals
The benchmark tracks 85+ named signals from job description corpora — skills, tools, frameworks, attack surfaces, and psychometric patterns that define the AI security labor market.
| Rank | Signal | Family | Why it matters |
|---|---|---|---|
| 1 | Function Calling | attack_surface | Signal narrative pending export detail. |
| 1 | GDPR | framework | Signal narrative pending export detail. |
| 1 | Python | skill | Signal narrative pending export detail. |
| 1 | Vanta | tool | Signal narrative pending export detail. |
| 2 | Prompt Injection | attack_surface | Signal narrative pending export detail. |
| 2 | HIPAA | framework | Signal narrative pending export detail. |
| 2 | AWS | skill | Signal narrative pending export detail. |
| 2 | Sigma | tool | Signal narrative pending export detail. |
| 3 | Tool Calling | attack_surface | Signal narrative pending export detail. |
| 3 | SOC 2 | framework | Signal narrative pending export detail. |
| 3 | GCP | skill | Signal narrative pending export detail. |
| 3 | Splunk | tool | Signal narrative pending export detail. |
| 4 | Jailbreak | attack_surface | Signal narrative pending export detail. |
| 4 | FedRAMP | framework | Signal narrative pending export detail. |
| 4 | Kubernetes | skill | Signal narrative pending export detail. |
| 4 | Falco | tool | Signal narrative pending export detail. |
| 5 | Model Drift | attack_surface | Signal narrative pending export detail. |
| 5 | PCI DSS | framework | Signal narrative pending export detail. |
| 5 | SQL | skill | Signal narrative pending export detail. |
| 5 | LangSmith | tool | Signal narrative pending export detail. |
| 6 | Data Poisoning | attack_surface | Signal narrative pending export detail. |
| 6 | EU AI Act | framework | Signal narrative pending export detail. |
| 6 | Docker | skill | Signal narrative pending export detail. |
| 6 | Langfuse | tool | Signal narrative pending export detail. |
| 7 | Model Weights | attack_surface | Signal narrative pending export detail. |
| 7 | NIST SP 800-53 | framework | Signal narrative pending export detail. |
| 7 | Java | skill | Signal narrative pending export detail. |
| 7 | Semgrep | tool | Signal narrative pending export detail. |
| 8 | Agent Security | attack_surface | Signal narrative pending export detail. |
| 8 | NIST AI RMF | framework | Signal narrative pending export detail. |
| 8 | TypeScript | skill | Signal narrative pending export detail. |
| 8 | Snyk | tool | Signal narrative pending export detail. |
| 9 | Ai Evals | attack_surface | Signal narrative pending export detail. |
| 9 | NIST Cybersecurity Framework | framework | Signal narrative pending export detail. |
| 9 | Go | skill | Signal narrative pending export detail. |
| 9 | Burp Suite | tool | Signal narrative pending export detail. |
| 10 | Llm Evals | attack_surface | Signal narrative pending export detail. |
| 10 | CIS Controls | framework | Signal narrative pending export detail. |
| 10 | Terraform | skill | Signal narrative pending export detail. |
| 10 | Drata | tool | Signal narrative pending export detail. |
| 11 | Model Poisoning | attack_surface | Signal narrative pending export detail. |
| 11 | ISO/IEC 27001 | framework | Signal narrative pending export detail. |
| 11 | React | skill | Signal narrative pending export detail. |
| 11 | OWASP ZAP | tool | Signal narrative pending export detail. |
| 12 | Prompt Leakage | attack_surface | Signal narrative pending export detail. |
| 12 | MITRE ATLAS | framework | Signal narrative pending export detail. |
| 12 | JavaScript | skill | Signal narrative pending export detail. |
| 12 | Ragas | tool | Signal narrative pending export detail. |
| 13 | Sensitive Data Leakage | attack_surface | Signal narrative pending export detail. |
| 13 | ISO/IEC 42001 | framework | Signal narrative pending export detail. |
| 13 | Node.js | skill | Signal narrative pending export detail. |
| 13 | BigID | tool | Signal narrative pending export detail. |
| 14 | Unsafe Output | attack_surface | Signal narrative pending export detail. |
| 14 | OWASP Top 10 for LLM Applications | framework | Signal narrative pending export detail. |
| 14 | PostgreSQL | skill | Signal narrative pending export detail. |
| 14 | Trivy | tool | Signal narrative pending export detail. |
| 15 | Excessive Agency | attack_surface | Signal narrative pending export detail. |
| 15 | C++ | skill | Signal narrative pending export detail. |
| 15 | Sigstore | tool | Signal narrative pending export detail. |
| 16 | Indirect Prompt Injection | attack_surface | Signal narrative pending export detail. |
| 16 | Rust | skill | Signal narrative pending export detail. |
| 16 | CodeQL | tool | Signal narrative pending export detail. |
| 17 | Training Data Leakage | attack_surface | Signal narrative pending export detail. |
| 17 | Swift | skill | Signal narrative pending export detail. |
| 17 | DeepEval | tool | Signal narrative pending export detail. |
| 18 | Context Leakage | attack_surface | Signal narrative pending export detail. |
| 18 | Scala | skill | Signal narrative pending export detail. |
| 18 | Elastic Security | tool | Signal narrative pending export detail. |
| 19 | PHP | skill | Signal narrative pending export detail. |
| 19 | Open Policy Agent | tool | Signal narrative pending export detail. |
| 20 | Ruby on Rails | skill | Signal narrative pending export detail. |
| 20 | TruffleHog | tool | Signal narrative pending export detail. |
| 21 | promptfoo | tool | Signal narrative pending export detail. |
| 22 | Arize Phoenix | tool | Signal narrative pending export detail. |
| 23 | SPDX | tool | Signal narrative pending export detail. |
| 24 | CycloneDX | tool | Signal narrative pending export detail. |
| 25 | NeMo Guardrails | tool | Signal narrative pending export detail. |
| 26 | LLM Guard | tool | Signal narrative pending export detail. |
| 27 | garak | tool | Signal narrative pending export detail. |
| 28 | PyRIT | tool | Signal narrative pending export detail. |
| 29 | TruLens | tool | Signal narrative pending export detail. |
| 30 | Guardrails AI | tool | Signal narrative pending export detail. |
| 31 | Helicone | tool | Signal narrative pending export detail. |
| 32 | OpenAI Evals | tool | Signal narrative pending export detail. |
| 33 | Hack The Box | tool | Signal narrative pending export detail. |