Who is Richard Ewing?

Richard Ewing is a Product Economist and AI Capital Auditor. He is the Founder of Exogram, a verification infrastructure for AI. He audits R&D spend and surfaces hidden capital risks like technical debt, AI cost overruns, and zombie infrastructure. He has scaled B2B SaaS from $0 to $25M ARR. Published in CIO.com, Built In, Mind the Product, and HackerNoon.

What is a Product Economist?

A Product Economist treats product decisions as economic decisions. Instead of measuring velocity or story points, a Product Economist measures Return on Invested Capital (ROIC), Cost of Goods Sold efficiency, and technical debt in dollar terms. The methodology was coined by Richard Ewing.

What is the Technical Insolvency Date?

The Technical Insolvency Date (TID) is the specific quarter where maintenance costs consume 100% of available engineering capacity, reducing feature velocity to zero. Calculate yours free at richardewing.io/tools/pdi.

Exogram is verification infrastructure for AI, founded by Richard Ewing. It prevents hallucination propagation with admissibility control planes and state-hashing commit enforcement. LLMs generate language; Exogram maintains reality.

How do I calculate technical debt cost?

Use the free Product Debt Index (PDI) calculator at richardewing.io/tools/pdi to quantify hidden technical debt in dollar terms, calculate your Technical Insolvency Date, and benchmark against industry standards.

How much does AI cost per query?

AI costs range from $0.0001/query for small models to $0.10+/query for frontier models like GPT-4. Use the free AI Unit Economics Benchmark (AUEB) at richardewing.io/tools/aueb to calculate your specific AI cost structure.

Glossary/Zero Trust Security

Security & Compliance

1 min read

What is Zero Trust Security?

TL;DR

Zero Trust is a security framework based on the principle "never trust, always verify." Unlike traditional perimeter security (castle-and-moat model), Zero Trust assumes that threats exist both outside and inside the network.

Zero Trust principles: verify every user and device regardless of location, enforce least-privilege access, assume breach (design systems that limit blast radius), and validate continuously (not just at login).

Implementation components: identity verification (SSO, MFA), micro-segmentation (isolate network segments), device health checks, encryption in transit and at rest, and continuous monitoring.

Zero Trust has become the default security architecture because: remote work dissolved the network perimeter, cloud services exist outside corporate networks, and insider threats account for 25-30% of security incidents.

Why It Matters

Zero Trust is both a security best practice and increasingly a compliance requirement. NIST, the Department of Defense, and many industry regulations now mandate Zero Trust architecture elements.

Frequently Asked Questions

What is Zero Trust?

A security model that verifies every user and device for every access request, regardless of location. No implicit trust — even inside the corporate network.

How do you implement Zero Trust?

Start with: SSO + MFA for all users, least-privilege access policies, network micro-segmentation, device health validation, and continuous monitoring.

Need Expert Help?

Richard Ewing is a Product Economist and AI Capital Auditor. He helps companies translate technical complexity into financial clarity.

Book Advisory Call →

Explore More

Why It Matters

Frequently Asked Questions

What is Zero Trust?

How do you implement Zero Trust?

Related Terms

Need Expert Help?

Explore More

Free Tools

Glossary

Frameworks