The Glacis runtime product — verifiable AI governance at runtime
The Glacis runtime product is the customer-hosted bundle — a governance proxy, a Notary, and a dashboard — that enforces your OVERT-as-Code policy on live traffic and turns each governed decision into a signed, verifiable receipt.
What it does
- Enforce — runs your policy on the request path: deny-by-default tool calls, egress control, PII/PHI detection, prohibited-use filtering, and human-review routing.
- Attest — every decision is signed with Ed25519 over RFC 8785 canonical bytes, chained into the Notary (RFC 6962 shape), and independently verifiable offline.
- Observe — the dashboard projects receipts and control status, distinguishing what was enforced from what was only recorded or declared.
Zero-egress by construction
Receipts carry hashes and line-ranges — never raw prompt or response text. In the default configuration the only outbound runtime call is to your own configured model provider. Your sensitive data stays inside your boundary; the proof leaves, the data doesn’t.
Why the runtime is not open source
The policy language (OVERT-as-Code) is open. The runtime enforcement engine and the Notary are not — they are the commercial core and the part a competitor could otherwise clone. Regulated buyers who need to inspect the code for trust can do so under NDA without it being publicly discoverable: