Key:
SASKI (reference)
SASKI advantage
Partial / emerging
Competitor advantage or gap
Acquired — no longer independent
| System / Platform | Architecture Layer | Enforcement Mechanism | Regulatory Coverage | Clinical / Crisis Detection | Data Sovereignty | Evidence & Audit Trail | Latency | Insurability / E&O | Status | Primary Differentiator |
|---|---|---|---|---|---|---|---|---|---|---|
| SASKITechnical Visionaries PBC | Pre-LLM Middleware SDK / REST API / Sovereign API / MCP |
Mandatory Deterministic Block — pre-LLM, non-bypassable | 9 US states active 16 more May 2026 COPPA HIPAA GDPR Art.9 EU AI Act | MDTSAS 6-dimension clinical scoring; 988 crisis routing; phase-based ambient distress detection | SDK: data never leaves perimeter. Sovereign API: fully air-gapped customer infrastructure | SaskiEnvelope — Ed25519 / RFC 8785 JCS tamper-evident cryptographic receipt per inference | <50ms SDK <200ms API | HIGH Purpose-built for E&O underwriters. Cryptographic proof per decision. Flight recorder for litigation. | Independent $500K pre-seed raising now |
Only pre-LLM deterministic layer with state-by-state jurisdiction mapping, clinical crisis scoring, and cryptographic receipts designed for E&O underwriting. 46 red-team audits completed. Every platform failed. |
| Tier 1 — Most Direct Competitive Threat | ||||||||||
| Glacisglacis.io | Pre-LLM Runtime Local Classifier / Arbiter SDK | Mandatory Deterministic Block — local classification on customer hardware | General EU AI Act No US state mapping | Clinical AI listed No published scoring framework |
HIGH Local classification — no cloud routing before check runs | Signed receipts via OVERT 1.0 open standard; Evidence Packs for regulators | Not published | MEDIUM Signed receipts and evidence packs; no E&O underwriter partnerships | Independent $575K pre-seed · AI2 · Plug&Play · Safe AI Fund · SOC 2 ✓ |
Closest architectural peer to SASKI. Founding story mirrors SASKI origin (mental health AI shutdown). OVERT 1.0 open standard is a moat-building move. Lacks US jurisdiction mapping, MDTSAS framework, and audit-led GTM engine. |
| HiddenLayerIndependent — $56M raised | Runtime / API Layer ML Model Security | ML-based Threat Detection — model scanning and adversarial defense | NIST AI RMF No US state coverage | No clinical detection Model integrity focus only |
MEDIUM API deployment; no sovereign option published | Model security audit logs; no cryptographic per-inference receipt | Not published | MEDIUM Enterprise audit trail; not purpose-built for E&O | Independent Series A · DoD SHIELD · SOC 2 ✓ |
Well-funded independent. Protects the model from adversarial attack — different attack surface from SASKI. Strong DoD and federal presence. Watch for acquisition. |
| Tier 2 — Deterministic or Widely Deployed — Indirect Threat | ||||||||||
| Harmonic AIAristotle — Formal Verification | Offline Kernel Formal Verification | Mandatory Deterministic Block — Lean 4 theorem proving for agentic logic | No US state mapping No regulatory coverage | No clinical detection Agentic logic correctness only |
HIGH Fully offline kernel — no cloud dependency | Formal mathematical privacy proof; no runtime cryptographic receipt per inference | 5 microseconds | LOW-MED Formally strong in theory; not formatted for E&O evidentiary standards | Independent Funding not published |
Technically differentiated through formal mathematical verification via Lean 4. Extremely fast. No clinical capability, no jurisdictional logic, no E&O-ready evidence format. Academic rather than enterprise compliance positioning. |
| Guardrails AIOpen-source — $7.5M seed | SDK / Framework Input-Output Validation | Probabilistic Input-Output Validation — passive filtering | No regulatory coverage No jurisdiction logic | No clinical detection | LOW Sends inference data to cloud classifier | Standard validation logs; no tamper-evident receipts | Not published | LOW Probabilistic; cannot prove determinism; not insurable | Independent Open-source · widely deployed in Hub platforms |
Free open-source deployed in many no-code platforms SASKI audits. Developer-friendly but probabilistic, no cryptographic receipts, no clinical detection, no jurisdictional logic. The incumbent SASKI displaces inside Hub targets. |
| Tier 3 — Acquired — Validates Category But No Longer Independent | ||||||||||
| Lakera GuardNow: Check Point Software | Managed API / On-Prem Option | Pattern and ML Scanner — real-time probabilistic block | General compliance No US state logic | No clinical detection | MEDIUM On-prem option available | On-prem residency logs; no per-inference tamper-evident receipt | <50ms | LOW-MED Probabilistic; not purpose-built for E&O | ACQUIRED $300M Check Point · Sept 2025 |
Absorbed into Check Point creating same conflict-of-interest as hyperscalers. No longer independently purchasable. Enterprise cannot rely on a Check Point product as independent governance over Check Point AI infrastructure. |
| Robust IntelligenceNow: Cisco AI Defense | Gateway / Proxy AI Firewall | Mandatory Prompt and Response Block — automated red-teaming | No US state coverage | No clinical detection | LOW Cisco cloud; no sovereign option | Standard audit logs; no per-inference tamper-evident receipt | Not specified | LOW Not purpose-built for E&O evidentiary standards | ACQUIRED ~$400M Cisco · Oct 2024 |
Integrated into Cisco networking stack. No longer independently purchasable. Conflict-of-interest: Cisco is both infrastructure vendor and safety layer — the structural problem SASKI was built to solve. |
| Protect AINow: Palo Alto Prisma AIRS | Runtime / API AI Security Posture Management | Automated Red-Teaming and Model Scanning — runtime prompt filtering | No US state coverage | No clinical detection | LOW Palo Alto cloud platform | Posture management audit logs; no per-inference receipt | Not specified | LOW Posture management not evidentiary proof | ACQUIRED $650–700M Palo Alto · April 2025 |
Highest-priced exit in the category — validates the market. Now locked into Palo Alto platform. Confirms acquisition thesis for SASKI. Enterprises cannot rely on Prisma AIRS as independent governance. |
| CalypsoAINow: F5 Networks | Application Scanner Inference Layer | Mandatory Real-time Isolation — inference layer guardrails | No US state coverage | No clinical detection | LOW F5 cloud infrastructure | Scanner logs; no per-inference tamper-evident receipt | Not specified | LOW Application layer scanning; not E&O evidentiary proof | ACQUIRED $180M F5 · Sept 2025 |
Validates the category exit thesis. AI inference guardrails now part of F5 application delivery. No longer independently purchasable. F5 conflict-of-interest: application delivery vendor cannot be independent safety layer. |
| Tier 4 — Open-Source Probabilistic — Widely Deployed, Low Threat | ||||||||||
| NVIDIA NeMo Guardrailsv0.21 — Open Source | Local NIM / SDK Dialog Flow Engine | Probabilistic Flow — passive monitor via Colang DSL | No regulatory coverage | No clinical detection | HIGH Local NIM deployment | No tamper-evident audit trail; no per-inference receipt | ~500ms | VERY LOW Probabilistic; 500ms operationally disqualifying; cannot prove determinism | NVIDIA product Open-source (Apache 2.0) |
Sophisticated dialog flow management via Colang DSL. Free and widely available. Probabilistic and extremely slow for real-time enterprise. No receipts, no clinical detection. Free entry point SASKI displaces in regulated deployments. |
| Meta Llama Guard 3Open Source — Llama license | Local Instance Safety Labeler | Probabilistic Safety Scanning — post-eval labeling only | No regulatory coverage | No clinical detection | HIGH Fully local if self-hosted | Post-evaluation labeling logs only; no runtime enforcement trail | ~250ms | VERY LOW Labeler not interceptor; cannot prove enforcement ran | Meta AI product Open-source |
Functions as a safety labeler not an enforcer. Identifies unsafe content after the fact. Cannot prove a governance decision was made or enforced. No jurisdictional logic, no clinical capability, no receipt architecture. |
| Tier 5 — GRC, Compliance Dashboards, and Adjacent Infrastructure | ||||||||||
| Credo AIGRC Dashboard | Cloud GRC / Administrative Policy Hub | Passive Monitor — policy management and risk tracking only | EU AI Act mapping NIST AI RMF No runtime enforcement | No clinical detection | LOW Cloud platform; policy docs only | Compliance logs and artifact templates; no per-inference receipt | 1000ms+ | VERY LOW Documents intent; cannot prove execution. Compliance theater. | Independent | GRC dashboard category: documents policies, generates compliance artifacts, tracks risk. Cannot prove execution at the transaction level. Exactly the compliance theater gap SASKI replaces. Potential future integration partner. |
| CapiscIOAgent Guard — MCP Trust | SDK / Sidecar MCP Trust Layer | Mandatory A2A Identity Block — MCP trust graphs and delegation | No regulatory coverage | No clinical detection | MEDIUM Sidecar inside customer stack | Ed25519 Signed Badges for agent identity; focused on A2A not inference-level | Not specified | LOW Agent identity focus; not E&O-grade inference evidence | Independent | Deep MCP Trust Graphs and Datalog Biscuit tokens for multi-hop agent delegation. Agentic identity focus rather than pre-LLM user message governance. Complementary to SASKI-MCP rather than directly competitive. |
| Axiosky GovernorInfrastructure L3 | Infrastructure L3 Zero Trust Layer | Mandatory Zero Trust Block — hardware-backed HSM integration | No regulatory coverage | No clinical detection | HIGH Hardware Security Modules | Immutable cryptographic logs; HSM-backed; no AI-format receipt | Not specified | MEDIUM Immutable logs strong but not AI governance E&O formatted | Independent | Hardware-backed zero trust via HSMs. Strong infrastructure security posture. No AI-specific clinical detection, no jurisdictional logic, no per-inference AI governance receipt. Infrastructure security rather than AI governance. |
| DeeployMLOps Platform | MLOps Platform Transparency Engine | Transparency Engine / Human-in-the-loop — documentation and oversight | Strong EU AI Act XAI mapping Limited US coverage | No clinical detection | LOW Cloud MLOps; no sovereign runtime | Operator oversight logs; XAI audit artifacts; no per-inference receipt | Not specified | LOW Documentation-focused; cannot prove runtime execution at inference level | Independent European focus |
Strong EU AI Act and XAI mapping. MLOps governance rather than runtime enforcement. Cannot prove a safety decision was made at the inference level. Relevant for EU AI Act Article 50(1) August 2026 expansion. |
| jnMetaCode (Shellward)MCP Server / DPI | MCP Server Deep Packet Inspection | Mandatory 8-Layer Block — localized DPI and ID checksum validation | No regulatory coverage | No clinical detection | MEDIUM MCP server runs locally | Action logs; no cryptographic per-inference receipt | Not specified | LOW Action logs only; not E&O evidentiary proof | Independent | Localized Deep Packet Inspection and ID checksum validation at the MCP layer. Niche agentic security tool. Limited public information on adoption or roadmap. |
| RecordPoint (RexCommand)Data Governance | Data Governance Storage Layer | Storage Pipeline / Inventory — data lifecycle management | General data governance No AI inference coverage | No clinical detection | MEDIUM Data residency controls at storage layer | Data lifecycle provenance; no AI inference receipt | Not specified | LOW Data governance ≠ AI inference governance | Independent | Data storage governance and shadow AI inventory management. Operates at the data layer not the inference layer. Cannot prove what happened during an AI inference. Different category — potential integration partner. |
| Vanta / MintMCPCloud Compliance | Cloud Compliance SOC 2 / ISO Tracking | Guardrails / Access Contextualization — compliance workflow automation | SOC 2 ISO 27001 HIPAA workflows No AI jurisdiction logic | No clinical detection | LOW Cloud compliance platform | Standard compliance audits; SOC 2 / ISO evidence; no AI inference receipts | Not specified | LOW Compliance documentation; cannot prove AI execution at model layer | Independent Vanta $150M+ raised |
Compliance documentation and workflow automation. No AI-specific inference governance. Potential integration partner: SASKI SaskiEnvelopes feed directly into Vanta compliance workflows. |
| Hyperscaler Bundled SafetyAWS / Azure / Google | Cloud-Native Gateway embedded in model platform | Probabilistic Content Moderation — bundled with model vendor platform | General cloud compliance No state-by-state coverage No clinical logic | No clinical detection | NONE All inference data routes through hyperscaler cloud | Standard cloud telemetry; no independent tamper-evident receipt; no E&O-grade trail | 70–210ms | VERY LOW Critical structural conflict: model provider cannot be independent safety layer over own model | Embedded in AWS, Microsoft, Google. Not independently purchasable. | Structural conflict of interest: every model update silently changes safety behavior with no independent audit trail. The model vendor cannot be the independent governance layer over its own model. This is the core market failure SASKI was built to replace. |