Show us your business

Buyer's guide

How to hire a software development company

How to hire without getting burned: pricing models, red flags, who owns the code, the questions to ask, and what AI changed about vendor selection.

13 min readUpdated July 2026

Hire the way you'd hire any critical contractor: check the actual build team, connect real references, and pin down the contract before the pitch. The terms that protect you are structural, not promises: a fixed scope with milestone acceptance gates, a present-tense IP assignment, source code in a repository you control, and a straight answer on how the vendor uses AI. Compare scopes and ownership, not just hourly rates.

Key facts

Typical rates
US agencies charge $90 to $350 an hour; offshore teams run 40 to 70 percent cheaper.
Success rate
Only 29 percent of software projects fully succeed on time, on budget, and on scope.
Third-party risk
30 percent of data breaches now involve a third party, up from 15 percent a year earlier.
AI code risk
45 percent of AI-generated code introduced an OWASP Top 10 security vulnerability.
Agency markup
Agencies bill 2x to 4x a developer's actual cost to cover overhead and margin.
Who owns code
If your contract is silent, the developer keeps the copyright, not you.

Sources: The Standish Group CHAOS Report, McKinsey & Company with the University of Oxford, the Verizon 2025 Data Breach Investigations Report, the Veracode 2025 GenAI Code Security Report, the Stack Overflow 2025 Developer Survey, FullStack Labs and Clutch rate data, and the US IP-law chain from the Association of Corporate Counsel and Orrick to Community for Creative Non-Violence v. Reid. Get a free fixed quote in 48 hours. Last updated .

Pricing models, and who carries the risk

How you pay decides how much risk you carry. There are three common ways to structure a software contract: fixed-price, time and materials, and a dedicated team. There's no dataset proving one overruns more than another, so choose on risk allocation. A fixed price puts the risk of misjudging the work on the vendor; time and materials keeps it with you. Pick the model that matches how well you can actually define the build.

Before you compare rates or portfolios, decide how the money is going to flow, because that single choice moves more risk than any negotiation over an hourly number. The three models below cover almost every arrangement you'll be offered:

  1. Fixed-price contract

    One agreed price for a scope you've written down, paid in stages as the work ships. The vendor carries the risk of misjudging the effort, so it prices carefully and has every reason to move fast. It fits small, fully specified builds and MVPs that can finish inside roughly four months, which is most first small business projects.

  2. Time and materials

    You pay for the hours actually worked. It's the honest choice for medium projects with evolving scope, real discovery, or research nobody can spec up front. The catch is that the overrun risk sits with you, so always attach a not-to-exceed cap and acceptance gates so the meter can't run without results.

  3. Dedicated team

    A fixed monthly fee for a ring-fenced group of engineers working only on your product. It fits long-term products, roughly eight months and up, that need a sustained roadmap rather than a one-off delivery. It's the most flexible model and the one that most rewards a client who can manage a team directly.

The honest framing is risk allocation, not one model being universally better. A fixed-price contract shifts the overrun risk to the vendor, who prices in a premium for taking it and may be tempted to cut corners or scope if the work runs long. Time and materials keeps the risk with you: you pay only for real hours, but the meter runs whether or not anything ships, so a not-to-exceed cap is what turns it from open-ended into bounded. A dedicated team sits in between and rewards a client who can steer the work directly.

Three ways to structure a software contract, and who carries the overrun risk
ModelWho carries overrun riskBest fit
Fixed-priceThe vendorSmall, fully specified builds and MVPs under about four months
Time and materialsYou (cap it with a not-to-exceed ceiling)Medium work with evolving scope or genuine discovery
Dedicated teamYouLong-term products needing a sustained roadmap, about eight months and up

Whatever the model, the payment schedule matters as much as the total. A defensible split is a deposit of roughly 20 to 30 percent, then 40 to 50 percent released across milestones as they ship, then a final 20 to 30 percent on delivery and sign-off. Treat 100 percent upfront and 100 percent only on completion as red flags in their own right: both dump the entire risk on one party1.

Here's the vocabulary you'll meet throughout this guide, in plain English:

Fixed-price contract
A single agreed price for a fully specified scope, set before work starts. The risk of misjudging the effort sits with the builder, not you. It fits small, well-defined builds, MVPs, and migrations, and it's the model behind milestone billing.
Time and materials
Billing by the hour or day for however long the work takes. It suits medium work with evolving scope or genuine discovery, but the risk sits with you: slower work costs more. A not-to-exceed cap puts a ceiling on it.
Dedicated team
A fixed monthly fee for a ring-fenced group of engineers who work only on your product. It fits long-running products, roughly eight months and up, that need a sustained roadmap, not a one-off build with a clear finish line.
Work made for hire
A copyright term people misuse. For a commissioned outside developer, 'work made for hire' only applies to nine narrow categories of work, and custom business software isn't one of them. Labeling a contract that way does not, on its own, transfer the code to you.
IP assignment
The clause that actually transfers ownership. A present-tense assignment ('Developer hereby assigns...') moves the copyright to you when it takes effect. A vague promise to assign it later may never transfer anything, so the exact wording matters.
Source-code escrow
A three-party agreement where a neutral agent holds a copy of your source code and releases it to you if the vendor goes bankrupt or abandons the work. It's a continuity backstop, not a substitute for owning the code outright.
Acceptance gate
A checkpoint where you review a milestone against agreed criteria before releasing payment for it. Tying money to acceptance, not to the calendar, is the simplest protection against paying ahead of what's actually been delivered.

Red flags to watch for

Most bad engagements announce themselves early if you know what to listen for. The classics: seniors in the pitch and juniors on the build, a polished quote delivered before anyone understood the work, hesitation when you ask whether you could leave, and a demand for all the money upfront. None of these is subtle once you're looking for it.

These patterns show up again and again in practitioner write-ups of engagements that went wrong3. Read them as tripwires, not deal-breakers on their own: any one is a reason to slow down and ask a harder question.

  1. The bait-and-switch team

    You meet polished senior engineers in the sales meeting, then the actual work goes to unvetted juniors billed at senior rates. The fix is simple: ask for the CVs or LinkedIn profiles of the specific people assigned to your build before you sign, not the agency's highlight reel.

  2. The 24-hour perfect quote

    A precise price that lands suspiciously close to your budget, delivered before anyone could have understood the work, usually means the vendor under-scoped on purpose and plans to recover the difference through change orders later. A real quote follows real questions about scope, integrations, and edge cases.

  3. The lock-in dodge

    Ask one question: can I take the full codebase to another agency tomorrow? Anything short of an immediate yes is lock-in. 'We'll transfer it when the project is complete' is a yellow flag on its own; the code should live in a repository you control from the first commit.

  4. The all-upfront payment

    A demand for the whole fee before work starts, or the whole fee only on completion, both put the risk entirely on one party and strip out the incentive to deliver. A healthy structure spreads payment across a deposit, milestone payments, and a final payment on your sign-off.

  5. IP evasiveness

    Vague or shifting answers about who owns the finished code, the repositories, and the accounts are the most expensive red flag of all, because the legal default in the US favors the developer, not you. Get ownership pinned down in writing before the contract is signed, never after.

One belt-and-braces option worth knowing about is source-code escrow: a three-party agreement where a neutral agent holds a copy of your source and releases it to you if the vendor goes bankrupt or walks away mid-build5. It's a continuity backstop for larger engagements, not a replacement for owning the code outright, which is the next section.

Who owns the code you pay for

This is the detail most owners miss, and it's the expensive one. Under US copyright law, if your contract is silent, the developer who wrote the code keeps the copyright, not the client who paid for it. Paying an invoice does not transfer ownership. The only reliable fix is a present-tense IP assignment in a written, signed contract. Get this wrong and you can pay six figures for software you don't actually own.

Start from the default, because it's the opposite of what almost everyone assumes. When you commission an outside developer and the contract says nothing about ownership, the copyright in that code stays with the developer, not with you, even though you paid for all of it67. This isn't a loophole. It's the baseline rule, and the Supreme Court settled the principle in Community for Creative Non-Violence v. Reid, holding that a commissioned creator was an independent contractor whose work was not automatically a "work made for hire," so the copyright did not pass to the party who paid8.

People try to solve this by stamping the contract "work made for hire," and for software that label almost never works. A commissioned work made for hire has to fall into one of nine narrow statutory categories, and custom business software isn't one of them, so the label alone transfers nothing9. What actually moves ownership is an assignment. And it has to be worded carefully: use a present-tense assignment ("Developer hereby assigns...") rather than a promise to assign later, which may never take effect7. The transfer also has to be in writing and signed to be valid10.

So the practical checklist for any contract you sign:

  • A present-tense IP assignment of every deliverable, effective on final payment, in your name.
  • The full source in a repository you own and can access at all times, not one the vendor controls and hands over later.
  • No lock-in to the vendor's hosting, domains, or accounts, so nothing you paid for is held hostage by a login.
  • Optional source-code escrow if the engagement is large enough that continuity is a real concern.

How to vet a vendor before you sign

Vetting a software company comes down to four areas: the actual build team, real code and connectable references, the project and communication cadence, and the pricing, contract, and IP terms. Do what serious B2B buyers do: talk to current users, read third-party reviews, and check the vendor's security before you hand over any access. A vendor who won't let you meet the engineers or connect you to references is telling you something.

Converging vetting checklists all point at the same four areas, and the red flags cluster around evasiveness: refusing to let you meet the engineers who'll do the work, references you can't actually reach, large upfront demands, and dodgy answers on ownership13. The good news is that the two most useful checks are also the cheapest.

54%

of B2B buyers talk to current users before buying. Ask for connectable references.

Sopro, B2B buyer statistics 2025

77%

of B2B buyers consult third-party reviews. Read them before the sales call, not after.

Sopro, B2B buyer statistics 2025

30%

of data breaches now involve a third party, double the 15% of a year earlier.

Verizon, 2025 Data Breach Investigations Report

Reference-check the way a buyer should: 54 percent of B2B buyers talk to current users before they commit, and 77 percent consult third-party reviews, so ask for references you can actually connect with and read the reviews the vendor doesn't link to12. A vendor that can't produce a single client willing to take your call is a vendor to walk away from.

Then vet security before you grant any access, because the risk of a vendor becoming your weak link is rising fast. In the latest Verizon data, 30 percent of breaches involved a third party, double the 15 percent of the year before11. Ask whether the firm holds SOC 2 or ISO 27001, whether it signs NDAs, and how it isolates client data. If your build touches customer or regulated data, this stops being optional. A short list of questions to put to any shortlist:

  • Who exactly will write my code, and can I see their CVs or LinkedIn profiles?
  • Can you connect me with two clients on builds like mine?
  • What does your security posture look like, and will you sign an NDA?
  • How do you handle scope changes, and are they re-quoted in writing?
  • Do the code, repositories, and IP transfer to me, and exactly when?

Agency, freelancer, or offshore team

Where you hire trades cost against risk. US agencies bill roughly $90 to $350 an hour and carry the whole build; US freelancers run about $88 to $110 and undercut small agencies, but bring limited bandwidth and little recourse. Offshore and nearshore teams run about 40 to 70 percent cheaper, reflecting a real labor-cost gap: the median US back-end salary is about $175,000 against $22,086 in India. The rate is real; it just isn't the whole bill.

The 2026 rate landscape, triangulated across agency guides, marketplace data, and freelance surveys, looks roughly like this15161718:

Typical software rates by region and model (2026)
Region or modelTypical hourly rateNotes
US agencies$90 to $350Small shops $90 to $160; enterprise firms above $400
US freelancers$88 to $110Undercut small agencies by $40 to $85 an hour
Western Europe$70 to $95UK $75 to $95; Germany $70 to $85
Eastern Europe$25 to $50Common nearshore choice for European clients
Latin America$30 to $82Nearshore for US time zones; Brazil freelance $30 to $55
South Asia$20 to $50India $30 to $50; Philippines $20 to $35
$175,000

median US back-end developer salary, the labor-cost gap behind offshore pricing.

Stack Overflow, 2025 Developer Survey

$22,086

median back-end developer salary in India, in the same global survey.

Stack Overflow, 2025 Developer Survey

2x to 4x

the developer's actual cost that agencies bill, to cover overhead and margin.

Teamcamp, Agency Pricing Guide 2026

The rate gaps trace back to a labor-cost gap that's genuinely enormous. In Stack Overflow's 2025 survey of nearly 24,000 developers across 177 countries, the median back-end salary was about $175,000 in the US, roughly $87,000 in Germany, and $22,086 in India14. That spread is the real reason offshore teams can quote 40 to 70 percent below US and Western European rates18. It's also why an agency hour costs more than a freelance hour: agencies bill two to four times a developer's actual cost to cover management, QA, overhead, and margin2.

So how to choose. Freelancers are cheapest and undercut small agencies by roughly $40 to $85 an hour, but you get limited bandwidth, narrow specialization, and little legal recourse if a build goes sideways17. Agencies cost more but own the whole delivery, from scoping to QA to handover. Offshore and nearshore teams can be excellent value, but the headline rate is a weak proxy for total cost: once you add coordination, time-zone drag, QA, and any rework, the gap between a cheap hour and an expensive one narrows18. Judge the fixed quote and the shipped result against each other, not rate against rate. Our custom software development services page covers how we scope and quote a build end to end.

What to ask a vendor about their use of AI

AI changed vendor selection in 2026, and not the way the sales decks claim. It can speed up the right work and quietly degrade the wrong work, it can introduce security holes, and AI-only code isn't even copyrightable. So the question isn't whether a vendor uses AI. It's how they use it, who reviews it, whether your data leaks into it, and whether the code they hand you is actually protectable and secure.

Start with the evidence, because it genuinely cuts both ways and any vendor claiming AI simply makes everything faster is overselling. The two most-cited controlled studies point in opposite directions:

56% faster

developers using GitHub Copilot on an isolated, greenfield coding task.

GitHub Copilot productivity study (arXiv, 2022)

19% slower

experienced developers using early-2025 AI tools on large, mature codebases.

METR, 2025

45%

of AI-generated code introduced an OWASP Top 10 vulnerability; 72% in Java.

Veracode, 2025 GenAI Code Security Report

A GitHub study found developers completed a self-contained, greenfield task about 56 percent faster with Copilot23. A 2025 METR study of experienced developers working on large, mature repositories found they were 19 percent slower with early-2025 AI tools, even though they felt faster24. Both are true. AI compresses simple, new, well-scoped work and struggles on gnarly existing systems, and a vendor worth hiring can tell you which kind of work yours is.

The bigger reasons to ask hard questions are security and ownership. In Veracode's 2025 testing, 45 percent of AI-generated code introduced a vulnerability from the OWASP Top 10, rising to 72 percent in Java, with no improvement in newer models28. And the US Copyright Office has been explicit that purely AI-generated code isn't copyrightable, because writing prompts alone doesn't confer human authorship, which means the AI-written portions of your deliverable may not be protectable intellectual property at all2930. Developers themselves are wary: adoption is near-universal at 84 percent, but 66 percent say they lose time fixing AI output that's almost right, and more distrust the accuracy of AI answers than trust it (46 percent versus 33 percent)25. Directional signals from GitClear and Google's DORA program point the same way, with copy-pasted code rising sharply and measures of delivery stability slipping as AI adoption climbs2726.

So put five questions to any vendor that leans on AI:

  • What share of the code is AI-assisted, and how is it reviewed and tested?
  • Do you run security scanning on AI-written code, and who owns the vulnerabilities it introduces?
  • Is our proprietary code or data ever sent to a third-party AI service, or used to train one?
  • Who owns the delivered code, are the AI-generated portions protectable, and will you indemnify us?
  • If AI speeds you up, how does that show up in the price or the timeline?

Why software projects go wrong, and what to avoid

Software has a long, stable track record of missing its targets, and knowing the patterns tells you what to avoid when you hire. Only about 29 percent of projects fully succeed. Large ones average 45 percent over budget and deliver 56 percent less value than promised. Back in 2011, 75 percent of executives already expected their projects to fail. None of it is bad luck; it's loose requirements and no accountability for the result.

The failure data is grim and remarkably consistent across decades of research:

29%

of software projects fully succeed on time, on budget, and on scope.

The Standish Group, CHAOS Report 2015

45%

average budget overrun on large IT projects, delivering 56% less value.

McKinsey & Company with University of Oxford

75%

of executives expected their software projects to fail, from the start.

Geneca, 2011

The Standish Group's CHAOS research classed only 29 percent of projects as successful, with 52 percent challenged and 19 percent failed outright, though it's an industry survey rather than an audited study, so read it as directional19. McKinsey and the University of Oxford, studying 5,400 large IT projects, found an average 45 percent budget overrun, 7 percent time overrun, and 56 percent less value than predicted, with one in six turning into a runaway that threatened the business20. Flyvbjerg and Budzier, looking at 1,471 projects, found a 27 percent average cost overrun and the same one-in-six pattern of "black swan" blowups running roughly 200 percent over budget21.

Notice those big numbers describe large, enterprise-scale projects, not a small business build. The useful takeaway isn't the size of the disasters, it's their cause. As far back as 2011, 75 percent of executives expected their projects to fail from the start, 80 percent of teams spent at least half their time on rework, and 78 percent felt the business was out of sync with requirements22. The through-line is loose requirements and no accountability for the outcome. The structural fix is the opposite of a big-bang build: break the work into small, milestone-billed increments, put an acceptance gate on each one, cap the exposure, and re-quote any new scope in writing before it enters the build. That's not motivational advice; it's how you stop being a statistic.

How we work, and what to do next

Everything above points at the same handful of terms: a fixed quote against a written scope, milestone billing with acceptance gates, code and IP that transfer to you outright, and a straight answer about AI. That's how we run every build, and it's the same checklist you should hold any vendor to. Here's how to move from reading to a real number for your own project.

Our model is built around the protections in this guide. You send a few sentences about what you want, and within 48 business hours we reply with a written scope, a milestone breakdown, and a fixed quote, so you know your number before spending anything. A small start fee from $499 locks in the work. You pay for each milestone when it ships and works, the final payment waits for your sign-off, and on that final payment the code, the repositories, and the IP become yours outright, in your name, with no license and no lock-in. If you want the mechanics, our custom software build methodology and our custom software development services page lay them out.

If you already know it's a web app or a mobile app, our web app development and mobile app development pages cover the specifics of each. If you're still sizing the budget, our companion guide on how much custom software costs breaks down the bands, and the full guides library covers the rest.

Frequently asked questions

How do I hire a software development company without getting burned?

Treat it like hiring any critical contractor, and pin down four things before you sign: the pricing model and who carries the overrun risk, the specific people assigned to your build, who legally owns the finished code, and how the vendor uses AI. Check references (54 percent of B2B buyers talk to current users before buying, and the call is worth it), read third-party reviews, and get every ownership term in writing. The most common way owners get burned is skipping the contract details because the demo looked good.

Should I choose fixed-price, time and materials, or a dedicated team?

It depends on how well you can define the work. There's no dataset proving one model overruns more than another, so choose on risk allocation. A fixed-price contract shifts the risk of misjudging the effort onto the vendor and fits small, fully specified builds and MVPs, which is most first small business projects. Time and materials keeps the risk with you, since you pay for real hours, and suits medium work with evolving scope, so cap it with a not-to-exceed ceiling. A dedicated team fits long-term products, roughly eight months and up, that need a sustained roadmap. For a defined build, insist on a fixed quote split into milestones you pay for only as they ship.

Who owns the code when I hire a developer?

By default, the developer does, which surprises most buyers. Under US copyright law, if your contract is silent, the person who wrote the code keeps the copyright, not the client who paid for it. The Supreme Court settled the principle in Community for Creative Non-Violence v. Reid, and 'work made for hire' almost never applies to commissioned software because it isn't one of the nine narrow categories the statute allows. The fix is a present-tense IP assignment ('Developer hereby assigns...'), in writing and signed, transferring the code, repositories, and IP to you. We assign everything to the client outright on final payment, in your name, with no license and no lock-in.

What are the biggest red flags when hiring a software agency?

Five stand out. A bait-and-switch where you meet seniors in the pitch and get juniors on the build. A polished quote delivered in 24 hours, before anyone could understand the work, which usually means deliberate under-scoping recovered through change orders later. Any hesitation when you ask whether you could move the full codebase to another agency tomorrow. A demand for the entire fee upfront, or the entire fee only on completion. And evasive answers about who owns the code and the accounts. Any one of these is a reason to slow down and ask harder questions.

How do I vet a software development company?

Check four things: the actual build team, real code plus connectable references, the project and communication cadence, and the pricing, contract, and IP terms. Reference-check like a B2B buyer does: 54 percent talk to current users before buying and 77 percent consult third-party reviews. And vet security before you grant any access, because 30 percent of data breaches now involve a third party, double the 15 percent of a year earlier. Ask for SOC 2 or ISO 27001 status and NDAs. Refusing to let you meet the engineers, unconnectable references, and large upfront demands are all reasons to walk.

Should I hire an agency, a freelancer, or an offshore team?

Each trades cost against risk. Freelancers undercut small agencies by roughly $40 to $85 an hour but bring limited bandwidth, narrow specialization, and little legal recourse if things go wrong. Agencies cost more, since they bill two to four times a developer's actual cost to cover overhead, management, and margin, but they carry the whole build. Offshore and nearshore teams run about 40 to 70 percent below US and Western European rates, reflecting a real labor-cost gap: the median US back-end developer salary is about $175,000 versus $22,086 in India. The rate is real, but it isn't the total cost once you count coordination, QA, and rework.

How much do software developers charge in 2026?

It varies widely by region and model. US agencies bill roughly $90 to $350 an hour, with enterprise shops above $400; US freelancers run about $88 to $110. Western Europe sits around $70 to $95, Eastern Europe $25 to $50, Latin America $30 to $82, and South Asia $20 to $50. Offshore teams run about 40 to 70 percent below US and Western European rates. But hourly rate is a weak predictor of total cost: a cheaper team that takes three times as long, or ships something you have to redo, costs more than a fast senior on a fixed quote.

What should I ask a vendor about their use of AI?

Five questions. What share of the code is AI-assisted, and how is it reviewed and tested? Do you run security scanning on AI-written code, and who owns any vulnerabilities it introduces? Is our proprietary code or data ever sent to a third-party AI service or used to train one? Who owns the delivered code, are the AI-generated portions legally protectable, and will you indemnify us? And if AI speeds you up, how does that show in the price or timeline? These matter because 45 percent of AI-generated code in one 2025 study carried an OWASP Top 10 vulnerability, and AI-only code isn't copyrightable in the US.

Why do so many software projects fail?

Because most are scoped loosely and billed in a way that rewards overruns. Only about 29 percent of software projects fully succeed on time, on budget, and on scope. Large IT projects average 45 percent over budget and deliver 56 percent less value than promised, with one in six overrunning so badly they threaten the company. Back in 2011, 75 percent of executives already expected their projects to fail from the start, and most teams spent at least half their time on rework. The through-line is loose requirements and no accountability for the result. The structural fix is small, milestone-billed increments with acceptance gates and a cap.

Sources

  1. Software Development Contract: Essential Terms & Red Flags. Stratagem Systems, November 2025.
  2. Agency Pricing Guide. Teamcamp, May 2026.
  3. 7 Red Flags in a Software Development Agency. StepTo, May 2026.
  4. Vendor Lock-In in Custom Software Development. Pragmatic Coders, 2025.
  5. Software Escrow Agreement: Source Code Protection. Traverse Legal PLC, December 2025.
  6. Software Work for Hire (United States). Association of Corporate Counsel, September 2014.
  7. Intellectual Property Assignments from Software Developers. Orrick, September 2023.
  8. Community for Creative Non-Violence v. Reid, 490 U.S. 730 (1989). US Supreme Court (via Justia), 1989.
  9. The Work for Hire Doctrine Almost Never Works for Software Development Contracts. Jones Day (Corporate Counsel Business Journal), June 2008.
  10. 17 U.S.C. § 204 (a): Execution of transfers of copyright ownership. Cornell Legal Information Institute, Current.
  11. 2025 Data Breach Investigations Report. Verizon, April 2025.
  12. 68 B2B Buyer Statistics and Insights. Sopro, July 2025.
  13. How to Vet a Software Development Agency. The Contrast, 2026.
  14. 2025 Developer Survey: Work. Stack Overflow, 2025.
  15. Software Development Company Pricing Guide. Clutch, 2026.
  16. Freelance Software Developer Rates by Country in 2026. index.dev, May 2026.
  17. Software Development Price Guide: Hourly Rate Comparison. FullStack Labs, October 2025.
  18. Offshore Software Development Rates by Country 2025. DistantJob, September 2025.
  19. CHAOS Report 2015. The Standish Group, October 2015.
  20. Delivering large-scale IT projects on time, on budget, and on value. McKinsey & Company with University of Oxford, October 2012.
  21. Why Your IT Project May Be Riskier Than You Think. Flyvbjerg & Budzier, Harvard Business Review, September 2011.
  22. Up to 75% of Business and IT Executives Anticipate Their Software Projects Will Fail. Geneca (via PR Newswire), March 2011.
  23. Quantifying GitHub Copilot's Impact on Developer Productivity and Happiness. GitHub (arXiv:2302.06590), September 2022.
  24. Measuring the Impact of Early-2025 AI on Experienced Open-Source Developer Productivity. METR, July 2025.
  25. 2025 Developer Survey: AI. Stack Overflow, 2025.
  26. 2024 Accelerate State of DevOps Report (DORA). Google Cloud, October 2024.
  27. AI Copilot Code Quality: 2025 Research. GitClear, 2025.
  28. 2025 GenAI Code Security Report. Veracode, July 2025.
  29. Copyright and Artificial Intelligence, Part 2: Copyrightability. US Copyright Office, January 2025.
  30. Copyrightability of AI Outputs: US Copyright Office Analyzes Human Authorship. Jones Day, February 2025.

About this guide

Author
AI Dev staff, Editorial team
Published
July 14, 2026
Sources cited
30 primary sources. See full list.
Methodology
IP and contract guidance draws on primary US legal sources: the Association of Corporate Counsel, Orrick, Jones Day, Community for Creative Non-Violence v. Reid, and 17 U.S.C. 204(a). Rate data is triangulated from Clutch, FullStack Labs, index.dev, and DistantJob, which reflect each firm's own pricing rather than a neutral audit and are presented as directional market ranges; the salary gap is from the Stack Overflow 2025 Developer Survey. Project-failure data comes from the Standish Group CHAOS Report (an industry survey, not audited), McKinsey with the University of Oxford, Flyvbjerg and Budzier, and Geneca, framed as large-project patterns. AI claims separate controlled experiments (GitHub Copilot, METR) from self-reported surveys (Stack Overflow) and security testing (Veracode), and present the mixed evidence rather than the optimistic half. Payment-split and red-flag norms are from practitioner and vendor write-ups, attributed as such. Web research conducted July 2026. Reviewed and edited by AI Dev staff before publication.
Machine-readable
Read as Markdown. Provided for AI search engines and LLM crawlers.

Free, no sales call

Get a fixed quote in 48 hours

Send a few sentences about what you want built. We'll reply within 48 business hours with a written scope, a milestone plan, and a fixed quote you own outright. No sales call, no obligation.