AI Exploits Outpace InfoSec

Written by Vinay Mummigatti | Apr 29, 2026 3:21:59 PM

Over the past few weeks, Anthropic's Claude Mythos disclosures and the broader Project Glasswing response have sent shockwaves through financial services. Wall Street CEOs were summoned by the U.S. Treasury. The ECB issued warnings. A coalition of AWS, Cisco, CrowdStrike, Google, Microsoft, and leading financial institutions was assembled to respond. The reason is simple and alarming: Mythos can autonomously find and exploit vulnerabilities in minutes, including ones that survived decades of human review.

That changes everything for attackers.

But here's the question nobody is asking: how fast does your human security operation actually respond?

I spend a lot of time with CISOs and Global InfoSec leaders at the world's largest financial institutions. And the conversation that keeps coming up isn't about tools. It's about something far more fundamental, and far less visible.

A Global InfoSec function at scale is not a technology problem. It is a human operation. Analysts triage. Approvers sign off. Investigators escalate. Auditors certify. Vendor risk teams assess. Access review committees decide. Every one of these activities runs through people, across dozens of applications, across geographies, across shift boundaries, every day.

Here's what nobody can answer: How long does a vulnerability actually sit before someone picks it up? Are your SOPs being followed in practice, or just on paper? Where exactly is your patch cycle stalling?

Nobody knows. Because nobody has ever observed it.

In a pre-Mythos world, that was a performance gap. In a post-Mythos world, it is a board-level exposure.

This is the problem we built Skan to solve.

Not another scanner. Not another SIEM (Security Information and Event Management system). Something the industry has never had: continuous, click-stream-level observability of how the human security operation actually works, covering every analyst workflow, every approval cycle, every handoff, and every AI agent action inside the SOC.

What we see when we instrument a Global InfoSec function:

  • 65-80% of every patch cycle is structural wait time, not technical complexity
  • 30-40% of provisioned security tools show less than 10% active analyst utilization
  • Controls drift from policy to practice silently, invisibly, until a regulator finds them
  • AI agents operate inside the SOC with production access and no activity-level audit trail

In eight weeks, we give the CISO something they have never had: operational ground truth. Where time is being lost. Which tools analysts actually rely on. Where controls are drifting. What the AI agents are doing.

That clarity delivers 30-45% faster vulnerability remediation. Audit-ready evidence of control execution for regulators. A rationalized security tool estate. And the only continuous governance layer for AI agents operating inside the security function.

I have put together a full approach note that lays out exactly how Skan addresses this, and I am sharing it with InfoSec leadership at some of the world's largest financial institutions this week.

If this resonates with your world, I'd love to hear your perspective or share the thinking directly.

The security industry has spent a decade building better tools.

The next decade belongs to those who can see and run the human operation behind them.

That is the missing layer. That is Skan AI.