GLACIS

AI Compliance
You Can Verify

Evidence-Grade Attestation for AI Systems

We turn every AI action into tamper-evident proof
so buyers can independently verify.

AI2 Incubator Cloudflare Launchpad Databricks

[email protected]glacis.io

GLACIS

The Problem

AI Vendors Are Losing Deals to Procurement

AI vendors are losing deals because they can't quickly and easily produce verifiable proof that their systems meet security and compliance requirements for health systems, payors, clinics, and platform providers.

The Vendor's Problem

AI vendors losing deals, delaying deployments, burning cycles on manual audit responses and security questionnaires.

The Gap

Guardrail vendors enforce and log. But buyers still have to trust their interpretation. No independent verification.

The Buyer's Ask

"Prove your AI controls actually work—to someone who doesn't trust your dashboard."

"Trust our dashboard"

What competitors offer

Audit-grade evidence bundles

What GLACIS provides

GLACIS

Why Now

Regulatory Deadlines Create Urgency

Now

HIPAA + AI Risk

AI dramatically increases HIPAA violation exposure. Every AI interaction touching PHI needs auditable proof of compliant handling.

June 30, 2026

Colorado AI Act

First US state law with affirmative defense for NIST AI RMF / ISO 42001. Violations up to $20K each.

August 2, 2026

EU AI Act

Healthcare AI classified as "high-risk." Requires continuous automatic recording of events and traceability throughout lifecycle.

January 1, 2027

California CPPA

ADMT opt-out rights for healthcare, finance, employment decisions. Risk assessments required by April 2028.

"If you could evaluate the top 10 AI tools I'm being pitched and give me one report that proves they're safe to deploy... sign me up."

— CMIO, 400-bed regional health system

The thesis: In 18 months, regulated AI without cryptographic proof will be uninsurable and unprocurable. The window for purpose-built solutions is 2025-2027—organizations starting now barely have time for full compliance.

GLACIS

The Wedge

Evidence Pack Sprint: Days. Not Months.

Runtime Evidence Pack

Cryptographic proof that guardrails ran on every single request. Not logs—receipts.

Control Mapping

HIPAA, SOC 2, ISO 42001, HITRUST AI (44 controls), HECVAT 4.0 pre-mapped. Auditor-ready from day one.

Buyer-Ready Portal

One URL replaces 400 security questions. Enables "Green Lane" automated procurement.

Day 1

Drop-in sidecar

Days 2-8

Collect attestations

Day 10

Evidence portal live

Risk Reversal: No deployable evidence pack? Full refund.

We eat the risk because we know the tech works.

GLACIS

Inevitability

Trust Centers Become Proof Centers

2020

Trust Center

Static docs, SOC 2 badges, status pages

2025

Runtime Proof

Buyers demand evidence, not promises

2026

Proof Center

Table stakes for enterprise AI

The pattern is clear: Every B2B company has a trust center now. But those are promises about intent—not proof of execution.

We're not inventing a category.

We're riding an inevitable transition and owning the infrastructure layer.

Network Effect: More vendors adopt Evidence Packs → Health systems require Evidence Packs in RFPs → More vendors adopt (competitive pressure) → GLACIS becomes procurement standard.

GLACIS

How It Works

Zero-Payload Egress. No BAA Required.

Customer VPC / Trust Boundary

Your App

GKE / ECS / Lambda

GLACIS

SIDECAR

Attest → Hash → Sign

<50ms • 0 bytes PHI out

Witness

Hashes only

Merkle anchor

Zero-Egress = No BAA Required

PHI never leaves customer boundary. Eliminates months of legal review.

Third-party verifiable

Ed25519 signatures + RFC 6962 Merkle trees. Security teams verify independently—no trust required.

Drop-in deployment

Sidecar alongside your gateway. Works with OpenAI, Anthropic, Vertex, any LLM.

GLACIS

Defensibility

70+ Patent Claims Filed (Nov 2025)

Co-Epoch Attestation

Binary hash + network isolation binding per epoch. Auditor-reproducible sampling via Digest Publication Ledger.

Cryptographic Control Loop

Control actions require 5 cryptographic gates. Only verified receipts can modify system behavior.

Parametric Insurance Triggers

Automated payouts from attestation data. Zero-knowledge risk assessment—no content custody.

Statistical Safety Protocol (S3P)

Industry's first auditor-verifiable hallucination rate. Cryptographic random sampling with Clopper-Pearson confidence intervals enables actuarial pricing and procurement verification.

The moat: Governance platforms tell you what went wrong after the fact. GLACIS prevents violations in real-time and provides tamper-proof evidence. Competitors can build guardrails—they can't own the attestation primitives.

GLACIS

Validation

Early Signal: Market Leader Reached Out

Credo AI's CEO (Forrester Wave Leader in AI Governance) reached out directly after seeing our positioning—meeting at JPM to discuss how GLACIS complements their governance platform.

When the market leader sees you as infrastructure they need, that's signal.

Design Partners

nVoq

Clinical voice scribe. Evidence pack pilot underway.

Prompt Opinion

AI governance for clinical decisions. Active design partner.

Pipeline

Mayo Clinic

Platform CIO meeting confirmed at JPM.

Backing & Distribution

AI2 Incubator

$600K. AI-native company network.

Cloudflare Launchpad

GTM partnership. Infrastructure credibility.

Databricks

Credits + distribution. Healthcare AI focus.

CHAI

Joining coalition. 50+ health system network.

GLACIS

Expansion

Beachhead → Universal Infrastructure

Now

Healthcare AI

Hardest compliance = strongest moat

Next

Life Sciences

Pharma, med tech, clinical trials

Then

FinServ + Legal

SOX, GDPR are easier problems

End State

All Regulated AI

$50B+ AI liability insurance market

The SSL analogy

SSL became the trust layer for every web transaction. We're building the proof layer for every consequential AI decision.

Insurance enabler

Insurers need: (1) Parametric triggers, (2) Cryptographic proof, (3) Immutable logs. We provide all three. Competing platforms provide none.

Dual-Sided Flywheel

AI Vendors Adopt Evidence Packs in Market Health Systems Require in RFPs Competitive Pressure

Critical mass targets: 10 vendors with Evidence Packs • 3 enterprise health systems requiring in RFPs • 1 GPO pre-vetting

GLACIS

Team

FDA De Novo Cleared. 10 Health Systems Sold. SaMD Reimbursed. We've Lived This Problem.

Joe Braidwood

Joe Braidwood Co-Founder & CEO

1 in 4 smartphone users globally

SwiftKey: Founding exec → $250M Microsoft acquisition

Cambridge Law • Regulatory navigation

Dr. Jennifer Shannon

Dr. Jennifer Shannon Co-Founder & Chief Medical Officer

First FDA-Authorized AI Diagnostic

Cognoa: Medical Director, secured FDA authorization

UW FacultyCHAI: 50+ health systems network

Caer Sanders

Caer Sanders Principal Engineer

Rust/WASM at Billion-Scale

WPI Robotics FacultyWayfair: Staff eng, <10ms ML

Atreya Bhat

Atreya Bhat AI Engineer

Healthcare AI Evaluation

WPI MS Robotics • Deep RL, LLMs, Computer Vision

Advisors

Selvan Senthivel GE Healthcare Chief Technologist
Nakis Urfi, JD, MPH Cantex CCO (37 facilities)
David Márton Harvard AI Research
Brett Murray Nvidia, Walmart, Nokia C-Suite
John Ryley Former Head, Sky News
GLACIS

The Ask

$1.25M Pre-Seed Round

In 18 months, regulated AI without cryptographic proof will be uninsurable and unprocurable.

We're building the infrastructure that makes deployment possible.

$500K–$1M

ARR target by Dec 2026

70+ Patent Claims

4 families filed Nov '25

$50B+ Market

AI liability insurance TAM

August 2026: EU AI Act general application • June 2026: Colorado AI Act enforcement
Organizations need 12-18 months to implement. The window is closing.

[email protected]glacis.io

1 / 11