AI Runtime Assurance

Start with a free scan. Platform from $60K.

A Glasswing-grade scan of your stack is free. Continuous scanning, runtime enforcement, and signed OVERT 1.0 receipts at Platform scale.

The Product

Enforce — Runtime AI defense + continuous scanning

Two surfaces, one product. A CI + cloud scanner that opens PRs with passing tests across code, dependencies, IaC, cloud, secrets, containers, and API — and a runtime witness that learns continuously, sharper with every inference, every attack, every drift signal it sees.

[Figure: behavioral score (0.0 to 1.0) over sampled inferences (t), with the policy threshold and the drift alert marked. CUSUM · SLM v2.3]

Continuous drift detection

A purpose-built Small Language Model runs locally, producing version-pinned behavioral scores on every sampled inference. CUSUM-based statistical analysis detects when behavior is changing — before it crosses a policy boundary. This isn’t an LLM-as-judge. It’s a calibrated measurement instrument.
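The idea of alerting on a shift before any single score reaches the policy boundary can be shown with a one-sided CUSUM. This is an added example, not GLACIS code: the baseline, slack, decision limit, policy threshold and the score series are all constructed assumptions.

```python
"""One-sided CUSUM drift detector over per-inference scores in [0, 1].

Added illustration only. Every parameter and the score series are
constructed for this example and are not taken from any product.
"""
from dataclasses import dataclass


@dataclass
class Cusum:
    baseline: float  # expected in-control mean score (assumed)
    slack: float     # k: deviations smaller than this are ignored
    limit: float     # h: alarm once the cumulative sum exceeds this
    s: float = 0.0   # running cumulative sum

    def update(self, score: float) -> bool:
        # Accumulate only the excess above baseline + slack; clamp at zero
        # so in-control noise cannot build up or go negative.
        self.s = max(0.0, self.s + (score - self.baseline - self.slack))
        return self.s > self.limit


def first_alerts(scores, detector, policy_threshold):
    """Return (index of first CUSUM alarm, index of first threshold breach)."""
    drift_at = breach_at = None
    for i, x in enumerate(scores):
        if drift_at is None and detector.update(x):
            drift_at = i
        if breach_at is None and x >= policy_threshold:
            breach_at = i
    return drift_at, breach_at


# Constructed series: 20 in-control samples near 0.20, then a slow ramp.
STABLE = [0.20, 0.22, 0.18, 0.21, 0.19] * 4
RAMP = [0.25 + 0.02 * i for i in range(30)]  # 0.25 up to 0.83
SCORES = STABLE + RAMP

if __name__ == "__main__":
    det = Cusum(baseline=0.20, slack=0.05, limit=0.5)
    drift_at, breach_at = first_alerts(SCORES, det, policy_threshold=0.7)
    print(f"drift alert at sample {drift_at} (score {SCORES[drift_at]:.2f})")
    print(f"policy threshold first crossed at sample {breach_at}")
```

On this series the alarm fires while the score is still 0.39, sixteen samples before the 0.7 threshold is crossed; the slack and limit trade detection delay against false alarms.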

[Figure: a request is evaluated against policy v2.4 and results in permit, deny, or escalate. < 8ms · p99. ENFORCE · v2.4]

Runtime enforcement

Deployed in your environment. Every AI request is evaluated against your safety policies — permit, deny, or escalate. Detects prompt injection, PHI/PII exposure, and encoding attacks. Single-digit millisecond latency. Start in observe mode, switch to enforcement when ready.

[Figure: fleet of n = 12 AI systems, 1/12 drifting. Legend: behaving, drifting, triggered]

Fleet visibility

One dashboard for every AI system you’re running. Centralized policy management, drift alerts, incident integration. See which AI systems are behaving, which are drifting, which triggered enforcement actions.

[Figure: customer perimeter, zero egress. Your AI and the GLACIS witness (observe · enforce) sit inside the perimeter; prompts, outputs and user data stay in. Hash only (sha256 7f3e…d24b): content never crosses the wire]

Zero egress

Everything runs inside your environment. Protected content never leaves your cluster. Only cryptographic hashes cross the wire. This is architectural, not contractual — even a full compromise of GLACIS infrastructure cannot expose your data.

[Figure: chain of OVERT-1.0 receipts accumulating from runtime into an audit-ready Evidence Pack]
OVERT-1.0  glc_7f3e…  verdict: allowed  prev: —      14:22:58
OVERT-1.0  glc_a1c0…  verdict: allowed  prev: 7f3e…  14:23:07
OVERT-1.0  glc_8e9f…  verdict: flagged  prev: a1c0…  14:23:21
OVERT-1.0  glc_____   pending…          prev: 8e9f…  14:23:34

Evidence accumulates

While you use Enforce for operational security, OVERT-format attestation receipts build up in your environment. When compliance frameworks become relevant — NIST AI RMF, ISO 42001, EU AI Act, Colorado AI Act — the evidence trail is already there. No retroactive scramble.

Transparent pricing, built for scale

Lead magnet

Scan

Free scan

A Glasswing-grade scan of your stack. We show you what Mythos-class tooling would find, and open the first fix as a PR. One-time assessment, no commitment.

Ship continuously

Continuous

Talk to us

The always-on GitHub App plus control plane. Continuous scanning of code, dependencies, IaC, cloud, secrets, containers, and API. Opens PRs with passing tests. Signed OVERT 1.0 receipts for every fix and every decision.

For teams shipping AI-native product, not checking a compliance box.

Scale

Platform

from $60K/yr

Multi-environment deployment, custom policy libraries, dedicated account engineering, compliance framework mapping for NIST AI RMF, ISO 42001, EU AI Act, and SOC 2. BAA available.

Your defenses sharpen with every attack. Automatically.

Every tier includes: your own policies, custom framework mapping, local deployment, drift detection, observe-first mode, verifiable OVERT 1.0 receipts, and direct engineering support during onboarding.

Not sure which tier fits? Grab 25 minutes with us — no pitch, just scoping.

Core to GLACIS infrastructure

Notarize — Witnessed Attestation Infrastructure

Every PR GLACIS opens, every AI decision the witness inspects, every scan finding and remediation ships with a cryptographically signed receipt written to the OVERT 1.0 open standard. Chained — tampering is detectable. Externally verifiable — any third party can check a receipt without GLACIS in the loop. Exportable — your SOC 2 and ISO 42001 evidence builds itself. Proof is not a screenshot. It’s a signed chain.

  • OVERT-conformant attestation receipts
  • Compliance evidence exports: NIST AI RMF, ISO 42001, EU AI Act, OSCAL
  • Audit-ready Evidence Packs & Glacis Score
  • Enterprise: dedicated account engineering, SLA, BAA
Explore Notarize

Pricing FAQ

Is Scan really free?

Yes. Your first scan is a Glasswing-grade assessment of your stack, and we open the first fix as a PR. No sign-up, no usage limits on the first run. It’s free because Scan is how we see the frontier of AI failure: every probe sharpens the federated defense layer that Enforce runs on. You get production-grade red-teaming; the ecosystem gets a defense that compounds with every run.

How is Enforce priced?

We price based on event volume and the surfaces you enable (code/cloud vs. AI decisions). The Platform tier starts at $60K/yr. Grab a scoping call — we’ll match pricing to your volume and horizon.

We already use Vanta/Drata. Do we need GLACIS?

Vanta and Drata document that you have policies. GLACIS proves you followed them at runtime. They’re complementary — together they close the AI evidence gap.

Ready to defend your AI stack?

25 minutes, no pitch deck. We’ll map your AI systems and tell you what we’d monitor.