Galini

What do they actually do

Galini provides a hosted “guardrails-as-a-service” layer for AI applications. Teams upload their internal policies or regulatory documents, define the rules they want enforced, and integrate Galini via API to evaluate inputs/outputs at runtime and log what triggered a block or flag (YC page, homepage).

The current workflow is: create a guardrail (name/objective plus uploaded policy docs), evaluate it in a sandbox with auto‑generated synthetic “golden” tests, deploy to production via API, and monitor live triggers and rationales. Feedback and traces feed a Galini agent the team says will improve rules over time (demo/launch materials on YC, company/founder posts).

Go‑to‑market is sales‑led: the product is live and demoable, with a contact‑/demo‑first funnel and no public self‑serve pricing or named customer list yet (homepage, YC page).

Who are their target customer(s)

• Compliance/legal teams at regulated enterprises: They need a reliable way to translate policies and regulations into enforceable, auditable runtime controls for AI systems; manual test creation and audits are slow and brittle.
• Product and engineering teams shipping AI features: They are pressured to build custom guardrails that slow releases and create maintenance debt because rules need constant tuning against real user inputs.
• Security/risk teams responsible for AI governance: They require real‑time monitoring and traces for when a model crosses a policy boundary, but existing tooling lacks visibility and a clean path from policy to repeatable tests.
• Site reliability/operations teams running AI in prod: They face noisy/missing alerts from ad‑hoc guardrails and lack safe workflows to iterate rules, increasing incidents and on‑call load.
• Procurement/IT buyers at large enterprises: They want an auditable vendor that reduces in‑house build costs, but demo‑only early products raise maturity and reference concerns.

How would they acquire their first 10, 50, and 100 customers

• First 10: Founder‑led pilots with 3–5 regulated design partners sourced via YC/founder networks; handhold onboarding, map policies to guardrails, and convert with low‑risk contracts plus reference commitments.
• First 50: Use early references to run targeted outbound to similar buyers; hire 1 AE and 1 CS to shorten pilots and standardize a pilot‑to‑paid package (scope, security packet, legal template) and co‑sell with select compliance consultancies.
• First 100: Publish regulatory templates/playbooks by vertical, add a lighter self‑serve path for lower‑risk teams, and launch a partner program with SIs/consultancies; use case studies and references to speed procurement and larger deals.

What is the rough total addressable market

Top-down context:

Galini sells into overlapping GRC, AI model‑risk management, and emerging AI governance budgets—each already measured in the billions and growing (e.g., GRC ≈$7.2B in 2024; AI model‑risk projected to ~$10–13B by decade’s end) (Grand View Research GRC, Grand View Research AI MRM, MarketsandMarkets via PR Newswire).

Bottom-up calculation:

Near‑term SAM: ~15,000 regulated enterprises with active or near‑term AI deployments in US/EU/APAC × ~$100k blended ACV for runtime guardrails ≈ $1.5B. Longer‑term TAM: ~30,000 global enterprises adopting AI across regulated functions × ~$150k ACV (higher scale/usage) ≈ $4.5B.

Assumptions:

• Counts focus on mid‑market/enterprise organizations (>1,000 employees) in finance, healthcare, government, education, and adjacent regulated sectors.
• Blended ACV includes platform fee plus usage tied to request volume/environments; excludes professional services beyond onboarding.
• Adoption assumes a subset of GRC/AI‑risk budgets shift to runtime guardrails rather than being fully absorbed by platform incumbents.

Who are some of their notable competitors

• Lakera: Provides LLM guardrails to block prompt injection, data leakage, and unsafe outputs for enterprise apps (site).
• Robust Intelligence: Offers AI risk management and runtime protection (firewall/validation) for models, including LLMs (site).
• CalypsoAI: Sells enterprise LLM security and “Moderator” guardrails for safe use of generative AI (site).
• AWS Bedrock Guardrails: Built‑in guardrails for Amazon Bedrock that moderate and enforce safety/policy constraints at the platform level (site).
• Credo AI: AI governance platform focused on policies, risk, and audit reporting; buyers may weigh it against runtime enforcement tools for compliance coverage (site).