The Evidence
Layer for AI
You've built AI governance. Now make it visible. GLACIS creates cryptographic evidence that your AI controls actually executed — third-party witnessed, zero data egress.
pip install glacis
The problem
Proving AI controls is harder than it should be
Financial systems have audit trails. Medical devices have mandated records. Aircraft have flight recorders. AI systems need the same level of verifiable evidence.
Litigation isn’t hypothetical — it’s here.
In November 2025, Sharp HealthCare faced a class action alleging their ambient AI scribe recorded 100,000+ patient conversations without proper consent. The challenge wasn’t just "AI risk" — it was evidence: they needed to prove what the AI did with independent verification.
Self-Maintained Logs Have Limitations
When buyers, auditors, or regulators ask for evidence, self-maintained logs often aren’t sufficient. Independent verification provides the objectivity that internal records can’t.
Sensitive Data Can’t Move
The moment AI handles PHI, PII, or proprietary data, it often can’t be routed through third-party logging — by policy, HIPAA, or what a CISO will allow.
Observability ≠ Evidence
Most "AI monitoring" tools are built to debug, not to establish independent chain of custody. Dashboards don’t hold up in court.
The insight
Zero-Egress Attestation
You don’t need a third party to see sensitive data to prove integrity. GLACIS generates cryptographic receipts for every AI interaction — hashing prompts, responses, tool calls, and policy decisions locally, then anchoring those receipts to an independent witness network. The sensitive payload never leaves your environment.
See it in action
Watch Controls Execute in Real Time
An AI request arrives...
How it works
Add proof in 5 lines of code
Install the Python SDK, wrap your AI calls, and every prompt, response, tool call, and policy decision gets sealed with a tamper-proof receipt — witnessed by our live attestation service.
pip install glacis
·
SDK available now
Zero Egress
Data stays local
Non-blocking witness
Read-only observer
Tamper-proof
Crypto signatures
~5ms
Zero slowdown
What this unlocks
Evidence for buyers and auditors
Evidence Pack Sprint
A focused engagement that produces the compliance evidence buyers and auditors request — controls mapping, attestation reports, and board-ready deliverables.
Learn moreContinuous Attestation
Independent, third-party witnessed proof that your AI controls executed for every interaction. The guardian described above, deployed for your infrastructure.
Learn moreWho we help
AI teams in regulated industries
Healthcare AI Builders
HIPAA, BAA, & patient safety
Health Systems
Vendor evaluation & risk
Financial Services
SR 11-7 & model risk
EU AI Act
High-risk AI compliance
The insurance imperative
Underwriters need verifiable evidence
AI-specific coverage is emerging. Endorsements and exclusions are already appearing across cyber, E&O, and D&O policies. The direction is clear: insurers will price and underwrite based on demonstrable controls — not policy PDFs.
GLACIS provides the evidence layer underwriters need: independently verified proof that makes AI behavior measurable, controls verifiable, and risk priceable.
What receipts prove
- What the system saw (without exposing sensitive payloads)
- What controls executed and what policies were active
- What the system generated (with tamper-proof timing)
- Which binary artifact was running (signed execution lineage)
"We would never accept this for any other critical system. Financial systems have audit trails. Medical devices have mandated records. Aircraft have flight recorders. AI systems need the same level of verifiable evidence."
As seen in
FAQ
Common questions
We already have SOC 2 / are working toward HITRUST
Great — those cover IT controls. AI-specific assurance addresses model behavior, decision audit trails, and content safety risks that SOC 2 and HITRUST don’t cover. They’re complementary.
How is this different from our existing documentation?
Documentation describes what should happen. GLACIS provides cryptographic proof of what actually happened — third-party witnessed evidence that your controls executed, not just that policies exist.
What industries do you work with?
We work with AI teams in regulated industries including healthcare, financial services, insurance, and enterprise. The common thread is needing to prove AI controls work, not just that policies exist.
What if we’re not ready for a full compliance program?
That’s fine. We offer focused engagements for teams who need to unblock deals now. Start with what you need, expand later.
Ready to prove your AI is responsible?
See where you stand in 2 minutes. No sales call required.
Free assessment · No credit card · Instant results