AI2 Incubator | Cloudflare

The Evidence Layer
for AI

Governance committees don't trust policy documents. They trust evidence. We help AI vendors generate proof their controls actually ran.

[email protected] glacis.io

Pango holding cryptographic proof receipt

The Problem

Your healthcare AI is stuck in procurement

You've built AI that works. But every health system governance committee asks questions you can't answer:

"

How do we know your guardrails actually ran on every inference?

"

Can you prove consent was captured before each AI interaction?

"

What happens when the plaintiff's attorney asks for evidence?

The Gap

Your dashboard says "compliant."
Their lawyers say "prove it."

Deals stuck in legal for 6+ months

Security questionnaires you can't answer

Liability exposure without proof

Pango examining evidence with magnifying glass

What's Happening Now

The trust gap is real—and growing

NOV 2025 Sharp HealthCare Class Action

~100,000 patients. Allegation: ambient scribe hallucinated consent. The AI vendor can't cryptographically prove otherwise.

DEC 2025 Major Health System Blocks AI Deal

AI Governance Committee blocked vendor contract over data ownership and auditability concerns. Vendor's dashboard wasn't enough.

For AI vendors: Every month without provable controls is another deal stuck in legal review, another competitor who might figure this out first.

What We Do

Receipts, not promises

We generate cryptographically signed proof that your safety controls executed at inference time. Timestamped. Independently verifiable. Mapped to the frameworks procurement committees recognize.

Consent captured

Guardrails executed

PHI properly handled

Model version locked

When the attorney asks "prove it"—you can. When the procurement committee asks for evidence—you have it. When the auditor arrives—you're ready. And after the deal closes, you have ongoing proof for internal compliance, board reporting, and liability protection.

Why Now

The vendor who proves execution closes first

Regulations create deadlines. But the real urgency is competitive: while your deals are stuck in legal, someone else is figuring this out.

COMPETITIVE ADVANTAGE

Close faster: Answer security questionnaires definitively

Reduce friction: Give governance committees what they need

Differentiate: Your competitors can't prove execution. You can.

REGULATORY DEADLINES

JUN 2026 Colorado AI Act — $20K/violation

AUG 2026 EU AI Act — Healthcare = high-risk

JAN 2027 California CPPA — Risk assessments

Standard of care precedes law. NIST AI RMF and ISO 42001 are already the de facto duty of care.

The window: In 18 months, AI vendors without cryptographic proof will lose deals to those who have it.

The Market

Healthcare AI is exploding. Governance isn't keeping up.

$170B by 2029

TAM — Healthcare AI market

$5.8B by 2029 • 45% CAGR

SAM — AI Governance Software

Our Focus

$1B+ by 2029

SOM — Healthcare AI Governance

Initial wedge: ambient AI vendors

First Enforcement

Texas AG settled with Pieces Tech over AI hallucination claims (Sept 2024)

The governance gap

16%

of health orgs have AI governance

Yet 78% face regulatory scrutiny

70%

of AI pilots fail

Governance gaps, not tech problems

1,250+

FDA-authorized AI devices

Up from 950 in 2024 — accelerating

Sources: MarketsandMarkets, Grand View Research, FDA, Advisory Board, Texas AG

The Insight

No one else proves execution

Guardrails block bad things. GRC platforms document policies. Neither proves your controls actually ran on every inference.

Infrastructure Players

Cloudflare, AWS, Alinia

Block bad things at runtime

Gap: No compliance mapping. Logs ≠ proof.

GRC Platforms

Vanta, Credo AI

Document policies and procedures

Gap: No runtime enforcement. Trust us.

GLACIS

Cryptographic Attestation

Prove execution at inference time

Runtime + Compliance + Proof

How It Works

Drop-in. Zero data egress. Sub-50ms.

Your Cloud Environment

Your Healthcare AI

Gen AI in clinical workflows

GLACIS

SIDECAR

Attest → Hash → Sign

<50ms • 0 bytes PHI out

Witness Network

Hashes only

Merkle anchor

Zero-Egress = No BAA

No PHI leaves customer boundary. Eliminates months of legal review.

Third-Party Verifiable

Ed25519 signatures + RFC 6962 Merkle trees. Independent verification.

Drop-In Deployment

Lambda layer or container sidecar. Works with any LLM provider.

The Platform

Live. Shipping. Production-Ready.

Live at app.glacis.io — governance platform, attestation feed, and witness network operational.

Cryptographic Attestations

Merkle-anchored receipts with HIPAA identifiers

Governance Topology Engine

NIST AI RMF • ISO 42001 • EU AI Act • Colorado

Sidecar deployed

Witness network live

Research lab active

Traction

Early traction. Momentum building.

Next milestone

JPM Healthcare 2025

Design Partner

nVoq • Ambient AI for home care

50k+

visits/month

Colorado-based. Facing Colorado AI Act deadline.
Consent attestation • PHI proof • Guardrail evidence

In pipeline

PraxisPro

Prompt Opinion

+ 3 more in conversations

Inbound interest

Health Systems

AI governance inquiries

AI Vendors

Procurement pain resonates

Investors

Healthcare + AI governance thesis

Team

FDA Authorized. Enterprise Deployed.
We've lived this problem.

Joe Braidwood

Co-Founder & CEO

SwiftKey → 1 in 4 smartphone users

Founding exec, $250M Microsoft exit. Scaled AI to hundreds of millions of users. Cambridge Law.

Dr. Jennifer Shannon

Co-Founder & Chief Medical Officer

Cognoa → First FDA De Novo for AI diagnostics

Medical Director at Cognoa. Navigated FDA authorization for AI that diagnoses autism in children. Knows the regulatory path.

Caer

Rust & Cryptography Lead

10+ years production • WPI

Atreya

AI Engineer

Model eval & red teaming • WPI • Ex-PAAI

Advisors

Selvan Senthivel GE Healthcare Chief Technologist

Nakis Urfi, JD, MPH Cantex CCO

Dávid Márton Harvard AI Research · Vektor Medical

John Ryley Former Head of Sky News (17 years)

70+

Patent claims filed

4 families • Fenwick & West

Defensibility

Building the Category Definition

Co-Epoch Attestation

Binds receipts to specific binary versions. Prevents "binary substitution" attacks.

Statistical Safety Signals

Mathematically rigorous sampling for continuous compliance verification.

Zero-Payload Egress

Cryptographic commitments without data exposure. PHI never leaves boundary.

Federated Witness Network

Distributed attestation for independent verification at scale.

Filed Nov 2025 — First-mover advantage in attestation-based AI compliance.

The Ask

$2M to own healthcare AI proof

Use of Funds

Engineering 50%

2 senior engineers (Rust, infra)

Go-to-Market 30%

Health system sales, design partners

Operations 20%

Legal, compliance, infrastructure

18-Month Milestones

1

5+ paying design partners

Ambient AI vendors in production

2

$500K ARR

Platform + Evidence Pack revenue

3

First health system direct

Enterprise governance platform

4

Series A ready

Metrics for $8-12M raise

Why now: First-mover window before Colorado (June 2026) and EU AI Act (Aug 2026) create compliance scramble

Let’s Talk

Let’s connect

We're looking for healthcare AI teams who need to prove their safety controls work—and want to be the first to do it with cryptographic proof.

DESIGN PARTNERS WE'RE LOOKING FOR

→ LLMs or agentic AI in clinical workflows

→ Safety guardrails that need evidence they ran

→ Pursuing FDA pathways or regulatory authorization

→ Selling to health systems with governance committees

[email protected]

glacis.io

The Evidence Layer for AI

The Evidence Layerfor AI