Insights

Custom AI Surveillance Systems: Build vs Buy — A Framework for CTOs

The Short Answer

If your use case involves restricted zones, custom detection logic, or existing CCTV infrastructure, off-the-shelf surveillance software will hit a ceiling fast. A custom build gives you control over detection rules, data residency, and integration depth — but it carries real delivery risk if CV edge cases aren't scoped properly from day one. The same system built AI-natively — with an agent paired to every engineer — delivers in under 3 months, not 6.

Most vendors will tell you to buy. We built one. Here's what we learned.

A client came to us with multiple warehouses, existing CCTV infrastructure already installed, and a list of requirements that no off-the-shelf platform was going to satisfy: facial recognition against their own access control list, zone-based violation detection, fire and firearm detection, and full on-prem deployment with no cloud dependency. The question wasn't whether AI could do this. It was whether to build it or buy it — and what that decision actually costs.

What "buy" actually gets you — and where it breaks

Off-the-shelf surveillance platforms handle commodity use cases well. Motion detection, cloud storage, mobile alerts, basic analytics — if that's the scope, buy. Don't build.

Where they break down:

Detection logic tied to your own org structure. Platforms like Verkada or Genetec don't model your org → site → blueprint → camera zone hierarchy. They give you zones. You give them meaning manually.

Facial recognition against your own access list. Vendor platforms offer facial detection. Matching against a proprietary database of enrolled personnel, with zone-specific permissions and real-time violation alerts, is a different product.

On-prem with no cloud dependency. Most commercial platforms assume cloud connectivity for model updates, storage, and remote access. Air-gapped or data-residency-constrained environments aren't an afterthought — they're a blocker.

Custom model training. Vendor models are trained on curated datasets. Your warehouse has specific lighting conditions, camera mounting angles, and object types. When the environment doesn't match the training data, detection fails — and you can't retrain a vendor's model.

Integration with internal systems. Ticketing, RBAC, ops workflows — vendors offer webhooks. If you need deep integration, you're building middleware regardless.

What we built — and how

8-person team. 6 months. On-prem NVIDIA-accelerated hardware. Every engineer shipped with an AI agent alongside them — code generation, test coverage, debugging, documentation. That's not a workflow tweak. It's a structural change to how output compounds across a team. A conventional dev shop quotes 6 months for a scope like this. We delivered it in 6. Built AI-natively from day one, the same scope delivers in under 3 months.

Stack:

  • Django — core platform, RBAC, clip stitching
  • FastAPI — stream ingestion, frame queuing
  • MQTT — real-time messaging between camera hardware and processing layer
  • Custom CV models — NVIDIA-accelerated, trained for detection and recognition
  • React / Next.js — dashboard, alert centre, activity logs
  • Docker + NVIDIA container runtime — fully on-prem

What shipped:

  • Org → site → blueprint → camera zone hierarchy with full management UI
  • Role-based access control across Admin, Manager, Surveillance Specialist, and additional roles
  • Facial embedding access control — pre-enrolled embeddings matched against live detections, zone-specific permissions, real-time violation alerts
  • Fire detection and firearm detection running on live feeds
  • Colour-based footage search — search "red" and retrieve all clips containing red clothing or vehicles
  • Person-name search — retrieve all footage associated with a specific enrolled individual
  • Full ticketing system for incident detection, tracking, and resolution
  • Smart clip algorithm — ending-frame analysis confirms the subject has left the zone before the clip closes. No vendor product does this out of the box.

Total project cost: approximately $240,000 at offshore engineering rates. A US-based team delivering the same scope would run $400,000–$600,000+.

Where custom builds fail — the honest post-mortem

This is the part vendors won't tell you.

CV models are environment-specific. The model performed well in testing. It failed on top-down warehouse cameras because it was trained primarily on frontal and near-frontal faces. Firearm detection missed non-black weapons because training data was narrow. These aren't edge cases — they're the norm when you deploy to a real site with real cameras in real lighting conditions. The fix is to gather sample footage from the actual deployment environment before finalising model training. We know that now.

On-prem deployment is a different product. Network configuration, VLAN rules, firewall setup, NVIDIA driver alignment, camera RTSP compatibility — none of this is "just deployment." It's infrastructure engineering. We underscoped it. The result was unplanned time at go-live sorting config issues that should have been resolved in a pre-deployment site audit. It's avoidable. We now build a site audit into every on-prem engagement, 2–4 weeks before go-live.

SaaS ambition baked in late. Mid-project, the client mentioned they might productise the system. Single-tenant schema decisions made in month one are expensive to retrofit for multi-tenancy. If a client says "we might sell this later," that's a scope decision, not a footnote. Treat it as a now requirement or de-scope it in writing at kickoff.

Integration contracts between CV and backend need to be written. Event schema, queue format, clip metadata — agreed verbally between the CV team and the Django team, renegotiated mid-project when assumptions diverged. It cost time. The fix is a shared integration contract versioned like an API spec, agreed on day one.

The build vs buy decision framework

Build when:

  • Your detection logic needs to map to your own org, zone, or access control structure
  • You have existing CCTV infrastructure that won't be replaced
  • Data residency or air-gap requirements rule out cloud vendors
  • Your deployment environment differs enough from vendor training data that model performance will degrade
  • You're planning to productise the system — build for multi-tenancy from day one or explicitly de-scope it

Buy when:

  • Standard motion detection, cloud storage, and mobile alerts cover your requirements
  • Your cameras are modern and compatible with major vendor platforms
  • You need the system running in weeks, not months
  • You don't have the budget or appetite for a custom engineering engagement

The real cost of building: approximately $240,000 at offshore rates for this scope. A US-based team runs higher. The mistake isn't choosing to build — it's underestimating what on-prem CV delivery actually requires. If you've been quoted 6+ months by a traditional dev shop, that timeline is negotiable. AI-native development — an agent paired to every engineer across the full stack — compresses delivery by 50% or more without reducing scope.

What we'd do differently

Three things, in order of impact:

1. Pre-deployment site audit, 2–4 weeks before go-live. Network topology, VLAN setup, firewall rules, camera firmware and RTSP compatibility, NVIDIA driver versions — all of this confirmed and tested locally before anyone arrives on-site.

2. Model evaluation protocol agreed at kickoff. Minimum confidence thresholds and test scenarios for every detection feature — facial recognition under poor lighting, top-down angles, partial occlusion; firearm detection across colour variants; fire detection against reflective surfaces — signed off before scope is locked.

3. Integration contract on day one. CV team and backend team agree on event schema, queue format, and clip metadata structure before parallel development starts. Version it. Treat it like an external API.

FAQs

What is build vs buy in the AI era?

Build vs buy in the AI era means choosing between training and deploying custom models for your specific environment or integrating a pre-built vendor solution. The calculus has shifted — off-the-shelf AI products now cover commodity use cases well, but custom environments with unusual camera angles, proprietary access control, or air-gapped infrastructure still require bespoke builds. The right answer depends on how specific your detection logic needs to be and whether your deployment environment matches what vendor models were trained on.

How much does a custom AI surveillance system cost to build?

A production-grade custom AI surveillance system — facial recognition, zone-based access enforcement, real-time detection, on-prem deployment — ran approximately $240,000 for an 8-person team over 6 months at offshore engineering rates. A US-based team delivering the same scope would run $400,000–$600,000+. Built AI-natively with an agent paired to every engineer, the same scope delivers in under 3 months, which changes the economics materially.

What are the biggest risks in a custom computer vision deployment?

The three most common failure points are: CV model performance degrading in the real environment because lighting, camera angles, and object variation almost always differ from training data; on-prem infrastructure setup being underscoped, with NVIDIA driver alignment, network config, and camera compatibility adding significant unplanned time; and integration gaps between the CV pipeline and backend systems when event schemas aren't defined upfront. All three are avoidable with the right pre-delivery process.

Can AI be used for surveillance in restricted or air-gapped environments?

Yes, but it requires fully on-prem deployment with no cloud dependency — which most commercial surveillance vendors don't support. Custom builds using NVIDIA-accelerated hardware and containerised inference pipelines can run entirely within a private network. The trade-off is that model updates, retraining, and system maintenance all require on-site or VPN access, and initial deployment complexity is significantly higher than a cloud-based system.

If you're scoping a custom AI system and you've been quoted 6+ months by a traditional dev shop, that timeline is negotiable.

We pair an AI agent with every engineer across the full stack — same scope, under 3 months.

Book a scoping call →