Evaluations of security agents typically focus on their success rates, but a new approach considers the cost of these agents' operations. This cost-aware evaluation assesses the financial impact of every step a security agent takes, from reasoning and tool calls to telemetry queries and enrichment requests. The traditional method of measuring peak offensive capability under generous budgets is incomplete, as it overlooks the operational costs of security agents. Researchers are now applying this cost-aware evaluation to language-model security agents, which have significant implications for the field. The consideration of cost introduces a new layer of complexity to security-agent evaluation, highlighting the need for a more nuanced understanding of their capabilities. This shift in perspective matters to security practitioners, as it can inform more effective and efficient allocation of resources in operational security, so what matters most is how this new evaluation approach can optimize security spending1.