About GLACIS
AI is now calling tools, touching credentials, shipping code, and operating production workflows. Glacis builds the runtime layer that hardens that behavior inside your environment and preserves signed proof of which controls ran — so every claim about your AI is something a customer, regulator, or board can actually verify.
Founded in Seattle, 2024 · Backed by AI2 Incubator, Mighty Capital, Plug & Play, Safe AI Fund, Sourdough, Cloudflare Launchpad.
Why we exist
The audit trails, security questionnaires, and attestation packets the enterprise relies on were written for software that follows workflows and produces records. AI agents don’t describe risk — they take action. They call tools, use credentials, ship code, update records, and operate clinical and customer workflows. The next decade of assurance needs something the last one never had: tamper-evident proof of what the AI did at runtime.
Inside fast-growing AI companies, agents already use credentials, call internal tools, modify records, and reach customers. The legacy assurance stack — written for software that follows playbooks — has nothing to say about a system that decides what to do next.
Enterprise security reviewers, regulators, auditors, and boards are asking the same question with growing impatience: which controls actually ran when your AI took that action? A log says something happened. A policy says it shouldn’t. Neither is the verifiable record an enterprise customer will accept before signing a contract.
Glacis runs locally, instruments the agent and tool-call boundary, executes runtime controls when behavior drifts, and emits signed evidence receipts that assemble into review-ready packs. Built on OVERT, our open standard for runtime evidence. Sensitive prompts, outputs, customer data, and credentials never leave your environment.
Leadership
Between us we’ve shipped consumer AI to a billion devices, stood up infrastructure for a hyperscale cloud, and helped clear the first FDA-authorized AI diagnostic. Every one of those products had the same paradox at the seams: ship fast, or prove it works. We built Glacis so the next generation of AI teams doesn’t have to choose.
Co-Founder & CEO
Founding team at SwiftKey (acquired by Microsoft for $250M), scaled the keyboard AI to 300M+ devices pre-acquisition; the technology now ships on 1B+ devices globally. Chief Strategy Officer at Vektor Medical. 15+ years building AI products at scale.
Co-Founder & CTO
Nearly 19 years at Microsoft leading Azure infrastructure at billion-dollar scale. Most recently on the AI Foundry team building the infrastructure layer for enterprise AI. Architected the Glacis enforcement stack from first principles.
Co-Founder & Chief Medical Officer
Board-certified psychiatrist with 15+ years clinical experience. Medical Director at Cognoa — helped develop Canvas Dx, the first FDA-authorized AI diagnostic for autism. CHAI Coalition member.
Principles
01 / PRIVACY
We architect systems so we never see your data. Trust through verification, not promises. Sensitive payloads stay inside your stack — only signed commitments leave.
02 / SPEED
Accountability that slows you down isn’t accountability — it’s a tax. We optimize for both speed and rigor. Five lines on the agent, one artifact for the auditor.
03 / PROOF
Attestations over assertions. Cryptographic evidence over policy documents. Every claim about your AI is something a third party can verify offline.
04 / OPEN
OVERT 1.0 is the open spec for runtime evidence receipts. Any conformant verifier — including ones built by competitors — can check a Glacis receipt without us in the loop.
Backed by
We’ll map the agent surface, identify the runtime control gaps, and produce an evidence pack you can take into enterprise security review, regulatory submission, or a board briefing.
Or say hello →