Agents have delegated authority.
They can call tools, access data, and take actions across systems your customers care about.
AI runtime security for systems that act
Harden and verify agentic systems in production.
One Rust kernel that probes, blocks, and signs every agent action — at the boundary, in your stack.
Backed by
Five institutional
pre‑seed investors.
pre‑seed investors.
The problem
AI agents are your newest security risk.
AI systems now call tools, use credentials, touch customer data, generate code, update records, and trigger workflows. But when an enterprise buyer asks how those systems are controlled, most teams are still stuck assembling screenshots, logs, policy docs, and trust-us answers.
Security reviews are getting harder.
Enterprise buyers want to know how prompt injection, tool misuse, data leakage, unauthorized actions, and drift are controlled.
Logs are not proof.
A log may show that something happened. It does not prove which control ran, what decision was made, or whether the evidence can be verified later.
Classification via API leaks the data you’re trying to protect.
Most AI safety tools send your inference data to their cloud classifier to decide whether it should be sent anywhere. The trust boundary fails before the check runs.
Your team does not have time.
Fast-growing AI companies need security depth before they have a mature security organization.
Glacis gives AI teams a way to harden the runtime and produce proof customers can actually use.
The runtime trio
Probe. Block. Sign.
Production AI fails at the boundary where it acts. GLACIS probes that boundary inside your stack, blocks unsafe actions at runtime, and signs every decision the agent makes — assembling proof your buyer can verify for themselves.
Authorized adversarial probing against your APIs, tools, agents, and workflows. Every finding lands with the request that proves it — exploitable, not theoretical.
Runtime controls at the action boundary — backed by classifiers running on your own hardware, not a vendor API. Tool allowlists, parameter checks, approval gates, regression tests in CI.
Every probe, block, and controlled action emits an OVERT receipt. Signed at runtime, tamper−evident, verifiable offline — independent of GLACIS.
The artifact
From runtime controls to customer-ready proof.
A receipt proves the relevant runtime event, control decision, outcome, timestamp, policy version, and verification metadata — without exposing the sensitive payload.
An evidence pack turns many receipts into a review-ready artifact: what was assessed, what controls exist, what ran, what was blocked or escalated, and what remains to improve.
Receipts prove the moment. Evidence packs tell the defensible story.
| Workflow | Agent tool call, model update, clinical summarization, or production AI decision. |
|---|---|
| Control | Tool permission, prompt-injection guard, PHI boundary, model-change rule, or escalation policy. |
| Decision | Allowed, blocked, escalated, redacted, or sent for review. |
| Receipt | Signed evidence receipt with policy hash, model version, timestamp, and OVERT-compatible verification metadata. |
| Evidence Pack | Customer security review artifact, regulatory evidence, audit trail, or internal incident review. |
Receipts prove control execution without exposing the underlying sensitive content.
The role
We’re not the dashboard. We’re the instrumentation underneath it.
Glacis is software that runs in your environment and produces evidence your team uses. We don’t replace your auditors, regulators, or compliance tooling — we give them something they can verify independently. The dashboard is yours. The trust posture is yours. We’re what makes both defensible.
Under the hood. Scanner, enforcer, local classifier, notary.
Four parts that ship together in your environment.
- scanner
- enforcer
- local classifier
- notary
The offer
Two paths, one runtime proof layer.
Glacis runs in your environment whichever door you walk through. Pick the one that fits where the work is.
Start with discovery when the surface is unclear.
Two to four weeks. We map your inference surface, identify the gaps in your trust posture, and produce a written recommendation with the next step. If you proceed within sixty days, the discovery fee credits toward the install.
Start with a proof sprint when the workflow is known.
We wrap one high-risk workflow, generate receipts, verify them offline, reproduce a finding, and deliver the evidence bundle. Designed to convert to annual.
Buyer routing
One platform. Three entry points.
Same runtime assurance loop, three pressures it answers to: an enterprise security review on the agentic side, a regulator on the clinical side, an SRE who needs to prove what happened when AI acted in production.
Runtime controls and signed proof for agents that act.
Harden agents that use tools, credentials, customer data, and delegated authority before enterprise security review.
Harden an agentEvidence infrastructure for clinical AI and AI-enabled medical products.
Generate runtime evidence for change-record reviews, post-market monitoring, drift review, and control-execution proof — without moving sensitive data out of your environment.
Assess clinical AI evidence readinessAI observability with proof that controls executed.
Move beyond logs with runtime evidence that shows what happened, what controlled it, and how the system improved afterward.
See the assurance loop
Verification
Portable proof, not vendor-only logs.
OVERT is the evidence receipt layer behind Glacis. It gives teams a structured way to preserve runtime proof: which controls ran, what decision was made, when it happened, and how the evidence can be verified.
Runtime controls create the assurance. Signed receipts preserve the proof. OVERT makes that proof portable, tamper-evident, and review-ready.
receipt.type: runtime_control
decision: escalated
policy_hash: 9e41...a12
model_version: clinical-scribe-4.2
signature: ed25519:7f3e...d24b
decision: escalated
policy_hash: 9e41...a12
model_version: clinical-scribe-4.2
signature: ed25519:7f3e...d24b
Bring us one AI workflow.
We’ll map the agent surface, identify the runtime control gaps, and show what proof your customers will expect before they trust it.