AI runtime assurance

The runtime assurance layer for AI.

Glacis runs inside your infrastructure, controls AI behavior at the inference, tool-call, and agent boundary, and generates signed evidence proving which controls ran — without sensitive data leaving your stack.

Book the Sprint See a sample evidence pack

Runtime controls. Signed receipts. Zero sensitive-data egress.

Backed by Five institutional
pre‑seed investors.
AI2 IncubatorPaul Allen’s AI institute Mighty CapitalSan Francisco, CA Plug & PlaySunnyvale, CA Safe AI FundGeoff Ralston / SAIF SourdoughSeattle, WA
SOC 2 Type II trust.glacis.io →
The problem

AI agents are becoming your newest enterprise security risk.

AI systems now call tools, use credentials, touch customer data, generate code, update records, and trigger workflows. But when an enterprise buyer asks how those systems are controlled, most teams are still stuck assembling screenshots, logs, policy docs, and trust-us answers.

Agents have delegated authority.

They can call tools, access data, and take actions across systems your customers care about.

Security reviews are getting harder.

Enterprise buyers want to know how prompt injection, tool misuse, data leakage, unauthorized actions, and drift are controlled.

Logs are not proof.

A log may show that something happened. It does not prove which control ran, what decision was made, or whether the evidence can be verified later.

Your team does not have time.

Fast-growing AI companies need security depth before they have a mature security organization.

Glacis gives AI teams a way to harden the runtime and produce proof customers can actually use.

The assurance loop

See. Control. Prove. Improve.

Production AI rarely fails on the model itself — it fails at the boundary where it acts. Glacis instruments that boundary inside your stack, then assembles signed proof from what it sees.

See what happened.

Make AI behavior visible inside your environment across model calls, tool calls, control decisions, escalation paths, drift signals, and operating events.

Control what matters.

Apply runtime controls that allow, block, redact, restrict, escalate, or require review before risky behavior reaches a workflow, tool, record, or customer.

Prove what ran.

Generate signed, tamper-evident receipts showing which controls ran, what decision was made, and when — without exposing the sensitive payload.

Improve what comes next.

Use incidents, drift, near misses, and control outcomes to strengthen policies, monitoring, model-change records, and operating procedures.

The offer

Start with the Agent Runtime Assurance & Evidence Sprint.

We map one high-risk AI workflow, instrument the runtime, and produce an evidence pack you can hand to enterprise reviewers, auditors, and internal leadership.

Not a generic scanner. A focused runtime review for AI systems that act.

Book the Sprint See a sample evidence pack
The artifact

From runtime controls to customer-ready proof.

A receipt proves the relevant runtime event, control decision, outcome, timestamp, policy version, and verification metadata — without exposing the sensitive payload.

An evidence pack turns many receipts into a review-ready artifact: what was assessed, what controls exist, what ran, what was blocked or escalated, and what remains to improve.

Receipts prove the moment. Evidence packs tell the defensible story.

Sample evidence object zero sensitive-data egress
Workflow Agent tool call, model update, clinical summarization, or production AI decision.
Control Tool permission, prompt-injection guard, PHI boundary, model-change rule, or escalation policy.
Decision Allowed, blocked, escalated, redacted, or sent for review.
Receipt Signed evidence receipt with policy hash, model version, timestamp, and OVERT-compatible verification metadata.
Evidence Pack Customer security review artifact, regulatory evidence, audit trail, or internal incident review.
Receipts prove control execution without exposing the underlying sensitive content.
Buyer routing

One platform. Three entry points.

Same runtime assurance loop, three pressures it answers to: an enterprise security review on the agentic side, a regulator or PCCP on the clinical side, an SRE who needs to prove what happened when AI acted in production.

Agentic AI security

Runtime controls and signed proof for agents that act.

Harden agents that use tools, credentials, customer data, and delegated authority before enterprise security review.

Harden an agent
Regulated clinical AI

Evidence infrastructure for clinical AI and AI-enabled medical products.

Generate runtime evidence for PCCP-ready change records, post-market monitoring, drift review, and control-execution proof — without moving sensitive data out of your environment.

Assess clinical AI evidence readiness
AI Operations & Observability

AI observability with proof that controls executed.

Move beyond logs with runtime evidence that shows what happened, what controlled it, and how the system improved afterward.

See the assurance loop
Verification

Portable proof, not vendor-only logs.

OVERT is the evidence receipt layer behind Glacis. It gives teams a structured way to preserve runtime proof: which controls ran, what decision was made, when it happened, and how the evidence can be verified.

Runtime controls create the assurance. Signed receipts preserve the proof. OVERT makes that proof portable, tamper-evident, and review-ready.

Read the standard See a sample evidence pack
receipt.type: runtime_control
decision: escalated
policy_hash: 9e41...a12
model_version: clinical-scribe-4.2
signature: ed25519:7f3e...d24b

The entry motion

Bring us one AI workflow.

Map the agent surface. Instrument the runtime. Hand back signed proof — the artifact your enterprise reviewers, regulators, and customers will ask for.

Book the Sprint See sample evidence