Insights

Blog

Insights and analysis on AI compliance, governance, and building the evidence layer for regulated industries.

White Paper — New

Healthcare AI Is Uninsurable. This Paper Shows How to Fix That.

Our CMO Jennifer Shannon and Sarah Gebauer published the first framework for underwriting healthcare AI risk. Four case studies. Three liability domains. One path forward.

Joe Braidwood
Open Source

Why autoredteam.com Is an Open-Source Commitment

An open-source commitment to helping developers everywhere auto-harden production AI applications, inspired by Karpathy’s developer-first instinct and grounded in safer deployment at scale.

Joe Braidwood
AI Safety

Voluntary AI Safety Just Died. Here’s What Replaces It.

Anthropic abandoned its Responsible Scaling Policy. They were the last holdout. The voluntary era is over — the verifiable era is just beginning.

Joe Braidwood
OVERT 1.0 Launch

We Couldn’t Ship Our Own AI. So We Built the Infrastructure to Fix That.

Why we open-sourced auto-redteam and published OVERT 1.0 — the open standard for AI runtime trust. The story behind the tools we wished existed.

Joe Braidwood
Healthcare AI

Your AI Needs an Alibi

A CMIO, a payer executive, a state privacy officer, and a health tech attorney walk into a room. What they said validated exactly what we’re building.

Joe Braidwood
Team

Why Our New CTO Left Microsoft After 19 Years

Rohit Tatachar joins as co-founder & CTO after nearly two decades at Azure. The inside story.

5 min read White Paper

Healthcare AI Is Uninsurable

The first framework for underwriting healthcare AI risk. Four case studies. Three liability domains.

7 min read OVERT 1.0 Launch

We Couldn’t Ship Our Own AI

Why we open-sourced auto-redteam and published OVERT 1.0 — the open standard for AI runtime trust.

10 min read Open Source

Why autoredteam.com Is an Open-Source Commitment

Why open-source auto-hardening matters and how autoredteam.com connects to safer AI deployment at scale.

6 min read AI Safety

Voluntary AI Safety Just Died

Anthropic abandoned its RSP. The voluntary era is over. Here’s what replaces it.

8 min read Conference

ViVE 2026: Healthcare AI Gets Asked for Its Receipts

We’re in LA Feb 22–25. The AI accountability conversation healthcare has been building toward.

5 min read Year Ahead

2026: The Year Healthcare AI Gets Real

JPM kicks off a pivotal year. State laws take effect, consent litigation accelerates, and governance committees want proof.

5 min read AI Governance

The Three Layers of AI Security

Most AI security solutions cover runtime protection. But there’s a critical third layer.

8 min read Regulation

EU AI Act Healthcare: What to Know

Most healthcare AI is classified as high-risk, triggering strict logging requirements.

10 min read Clinical AI Safety

When AI Hallucinations Become Malpractice

“One beer at a wedding” becomes “daily heroin use.” Without evidence, who’s liable?

9 min read Compliance

Why SOC 2 Won’t Protect You From AI Risk

SOC 2 and HITRUST are essential for IT security. But they weren’t designed for AI.

7 min read State Regulation

Colorado AI Act for Healthcare Vendors

Colorado becomes the first US state to regulate high-risk AI on June 30, 2026.

8 min read AI Governance

Building AI Trust Through Evidence

The difference between “we have guardrails” and “here’s proof.”

7 min read Technical Deep-Dive

How We Used AI Without a BAA

Deploying an in-line redaction proxy that strips PHI before it reaches external APIs.

12 min read Infrastructure

Why We Built GLACIS on Cloudflare

Global latency, edge compute, and enterprise security via Cloudflare Workers Launchpad.

6 min read AI Governance

Free AI Governance Assessment

Discover your AI governance readiness with our free 2-minute assessment. Get your score and personalised recommendations.

4 min read Compliance

ISO 42001: Is Certification Worth It?

Costs, benefits, and limitations. When certification makes sense vs. using the framework internally.

8 min read

Ready to Unblock Your Deals?

The Evidence Pack Sprint gives AI vendors board-ready compliance evidence in days — for deals, audits, and internal assurance.

Learn About Evidence Pack Sprint