3,000+
Signed Decision Receipts issued in production (stated conservatively)
Stakeholders / Reports / Q2 2026
Quarterly stakeholder report Q2 2026 · Non-confidential
Production, posture, and proof.
The quarter Summit became a company you can verify, not just hear about.
In Q2 2026 Summit Cognitive moved its decision-accountability platform into production, completed federal credentialing, submitted its security self-assessment on deadline at an honest score, and launched two flagship content channels — all with no outside capital and a team that fits in a single Zoom window. This is the public, non-confidential read of where the company stands. Everything below is stated at production or audit-time level; sensitive material is summarized or gated, not exposed.
Highlights
- →The platform is live in production. The Decision Receipt runs at decrec.summitcognitive.ai with a public key and ledger, so any party can verify a receipt independently and offline.
- →Federal credentialing is complete. UEI assigned, SAM.gov registered, and CAGE code assigned — Summit is a contractable entity.
- →Security posture is on the record. The NIST 800-171 self-assessment was submitted on deadline at an honest score with a defensible 12-month remediation trajectory.
- →Category authority is in motion. Two flagship channels — the Dispatches essay series and the Warrant podcast — came online in 2026, with a sustained publishing cadence.
- →The pipeline is warming. Active pilot conversations are underway across regulated financial services and the federal lane — warm and unsigned, deliberately reported in ranges, never by name.
One number to remember: June was the month Summit shipped an expansion of the Dispatches essay series to 20 pieces (published and scheduled), its publishing and verification infrastructure brought online, and an on-deadline security self-assessment — with no outside capital.
Product & traction — public level
Summit builds Cognitive Security: the trust and control layer for AI in high-stakes decisions. Every AI-assisted decision generates a Decision Receipt — a cryptographically signed, tamper-evident, independently verifiable record of the evidence used, the policy enforced at decision time (deny by default), and a deterministic replay. The figures below are drawn from the production system as of late May–early June 2026; some have advanced since.
98.6%
Receipt acceptance rate, deny-by-default — the remainder correctly blocked
99.9%
Replay determinism — decisions reconstruct the same way, every time
Sub-second
End-to-end evaluation, from capture through receipt issuance
9
Governed agents producing receipted decisions
99.9%+
Uptime since production launch
Ed25519
Signature scheme with public-key verification
52
Canonical packages across five integrated services
TRL 5
Technology readiness level, federal posture
What the platform actually does
The system composes four independently auditable layers into a single pipeline — provenance capture, a hypothesis gate, deterministic replay, and the Decision Receipt itself. A runtime gate rejects outputs that fail trace, calibration, or completeness checks before they ever leave the system. The platform also provides graph intelligence and OSINT ingest, multi-agent orchestration, and tenant knowledge with role-based access control, and supports on-premises and air-gapped deployment for native data sovereignty.
The point is not a prettier answer. The point is a review-ready record that shows why an answer was allowed, revised, blocked, or escalated — one that holds up under audit, and that a skeptic can re-run rather than just read. A log shows what happened; a Decision Receipt proves who authorized a decision and that it survives review later.
Where this is headed to market
Summit targets defense intelligence, financial-crime investigation, critical-infrastructure cybersecurity, and regulated enterprise decision-making. The platform is built, deployed, and in active pilot motion — not a model wrapper, not a UI overlay, and not a research project. The company remains pre-revenue with no paying customer today; pilot conversations are warm and unsigned, and we report them in ranges.
Governance & compliance posture
| Area | Status | Notes |
|---|---|---|
| Product | Live | In production with public key + ledger for independent verification. |
| Federal credentials | Complete | UEI, SAM.gov, CAGE assigned; SBIR/CSO/BAA-capable entity. |
| NIST 800-171 | Submitted | Self-assessment filed on deadline at an honest score with a 12-month remediation trajectory. |
| SOC 2 Type I | Planned | Designed-for-alignment; not yet certified. |
| FedRAMP | Scoped | Posture scoped; not yet pursued to authorization. |
| CMMC | Planned | On the compliance roadmap. |
| IP / patent | Provisional filed | U.S. Provisional Patent Application No. 64/034,952, filed April 10, 2026; non-provisional conversion due April 10, 2027. Patent counsel not yet engaged. |
| Board | None today | Information rights only at the SAFE stage; no board seat. |
| Cap table | 100% founder | $0 external capital raised; option pool reserved but unissued; no notes outstanding. |
The governance principle we want stakeholders to take away is that we hold ourselves to the standard we sell. We submitted our security self-assessment at an honest score rather than an inflated one, because the federal buyer who would procure Summit reads that score before a pitch deck. Independent reviewers have been engaged to scope review work; that work is not complete, so we do not claim to have been "independently reviewed." Compliance frameworks listed above are designed-for-alignment, not yet certified.
What's next — next 90 days
- 1Convert a first paid pilot and stand up a 3–6 partner design-partner board.
- 2Ship the multi-tenant and public-demo path so prospective stakeholders can see the platform without a bespoke stand-up.
- 3Pursue SOC 2 Type I and continue the documented 800-171 remediation trajectory.
- 4Engage patent counsel and convert the provisional to a non-provisional filing, well ahead of the April 2027 deadline.
- 5Sustain the publishing cadence across Dispatches and Warrant, and book a first industry-analyst conversation.
- 6Secure and prepare the Web Summit Lisbon talk (slot in flight; Nov 9–12, 2026) and the launch of Summit's first European office.
How stakeholders can help — our asks
If you read this far and want to help, here is exactly what moves the needle right now.
- →Federal & prime introductions. Warm intros to federal capture leads or responsible-AI / AI-governance practice leads at primes such as L3Harris, Leidos, MITRE, or RAND.
- →Enterprise risk introductions. Intros to CISOs or heads of AI-risk at regulated financial-services or healthcare organizations.
- →A first technical hire. Help sourcing a staff-level platform engineer with a multi-agent or knowledge-graph background.
- →Investor diligence. Qualified investors in active diligence can request the detailed pipeline review and data-room access.
- →Sponsor the Lisbon launch. Back the Web Summit talk and European-office launch via sponsorship or in-kind support — recognition and access, not equity, not a security, not a promise of financial return.
Disclosures. This report is a non-confidential stakeholder update. Engineering metrics are stated as of their audit date (late May–early June 2026) and some have advanced. Financial, market-size, and funding figures referenced in our materials are illustrative models or third-party estimates, not commitments or results. Compliance frameworks named here are designed-for-alignment and not yet certified. Independent review is scoped but not complete; nothing here claims completed independent review. Forward-looking statements are plans, not commitments. This is not an offer to sell or a solicitation to buy any security.