The Glacis runtime product — verifiable AI governance at runtime

The Glacis runtime product is the customer-hosted bundle — a governance proxy, a Notary, and a dashboard — that enforces your OVERT-as-Code policy on live traffic and turns each governed decision into a signed, verifiable receipt.

  • Enforce — runs your policy on the request path: deny-by-default tool calls, egress control, PII/PHI detection, prohibited-use filtering, and human-review routing.
  • Attest — every decision is an Ed25519 signature over RFC 8785 canonical bytes, chained into the Notary (RFC 6962 shape) and independently verifiable offline.
  • Observe — the dashboard projects receipts and control status, distinguishing what was enforced from what was only recorded or declared.

Receipts carry hashes and line-ranges — never raw prompt or response text. In the default configuration the only outbound runtime call is to your own configured model provider. Your sensitive data stays inside your boundary; the proof leaves, the data doesn’t.
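
As an added illustration (not Glacis code), the sketch below shows how a hash-only receipt can be checked offline for inclusion in a Merkle log built with RFC 6962 tree hashing. The receipt fields, the function names and the simplified canonicalisation are assumptions; the Ed25519 signature check is left out because it needs a third-party library.

```python
import json
from hashlib import sha256

def canonical_bytes(obj) -> bytes:
    # Simplified stand-in for RFC 8785 (JCS): exact only for ASCII keys, str/int values.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def make_receipt(seq, decision, prompt) -> dict:
    # Hypothetical receipt layout: a hash and a line range, never the prompt text.
    return {"seq": seq, "decision": decision, "lines": [1, prompt.count("\n") + 1],
            "input_sha256": sha256(prompt.encode()).hexdigest()}

def leaf_hash(receipt) -> bytes:
    return sha256(b"\x00" + canonical_bytes(receipt)).digest()  # RFC 6962 leaf prefix
def _split(n) -> int:
    return 1 << ((n - 1).bit_length() - 1)  # largest power of two < n, for n >= 2

def merkle_root(leaves) -> bytes:
    if len(leaves) == 1:
        return leaves[0]
    k = _split(len(leaves))
    return sha256(b"\x01" + merkle_root(leaves[:k]) + merkle_root(leaves[k:])).digest()

def audit_path(m, leaves) -> list:
    # Log side: sibling hashes from leaf m up to the root (RFC 6962 PATH).
    if len(leaves) == 1:
        return []
    k = _split(len(leaves))
    if m < k:
        return audit_path(m, leaves[:k]) + [merkle_root(leaves[k:])]
    return audit_path(m - k, leaves[k:]) + [merkle_root(leaves[:k])]

def verify_inclusion(receipt, m, n, path, root) -> bool:
    # Verifier side (iterative check from RFC 9162): needs only receipt, path and root.
    fn, sn, r = m, n - 1, leaf_hash(receipt)
    for p in path:
        if sn == 0:
            return False  # path longer than the tree is deep
        if fn & 1 or fn == sn:
            r = sha256(b"\x01" + p + r).digest()
            while fn and not fn & 1:
                fn, sn = fn >> 1, sn >> 1
        else:
            r = sha256(b"\x01" + r + p).digest()
        fn, sn = fn >> 1, sn >> 1
    return 0 <= m < n and sn == 0 and r == root

# Constructed sample decisions, not real Glacis receipts.
RECEIPTS = [make_receipt(i, d, "prompt %d\nline two" % i)
            for i, d in enumerate(["allow", "deny", "allow", "review", "deny"])]
```

A receipt whose decision field is altered after the fact, or a proof with a missing or mismatched path element, fails `verify_inclusion` against the published root.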

The policy language (OVERT-as-Code) is open. The runtime enforcement engine and the Notary are not — they are the commercial core and the part a competitor could otherwise clone. Regulated buyers who need to inspect the code for trust can do so under NDA without it being publicly discoverable: