Operations | Monitoring | ITSM | DevOps | Cloud

On April 7, Anthropic announced that its Claude Mythos Preview model had autonomously identified thousands of high- and critical-severity zero-day vulnerabilities across every major operating system and every major web browser. Over 99% of them were unpatched the day of disclosure. Two weeks later, on April 21, Mozilla said it had used the same model to find and patch 271 vulnerabilities in the latest Firefox release.

Investors and enterprises are finally asking the question they'd been avoiding: which software companies will survive the AI revolution, and which will be made obsolete by it? The answer is becoming clear. Companies that serve as the system of record, the authoritative source of truth that AI itself depends on, are essential.

Traditional data protection followed a straightforward principle: Data stored in is protected by the laws of country A; data stored in country B is protected by the laws of country B. But in today’s global economy, where your data physically resides no longer determines which governments can demand access to it. Cloud infrastructure brought new jurisdictional complexity.

Three months ago, a CIO told me her organization had “already deployed agents.” Her endpoint team assumed she meant the telemetry clients on every managed laptop. Her service desk thought she meant AI chatbots. Meanwhile, her security architect heard “autonomous decision-making.” They were all right and all talking past each other. This is the agent confusion problem.

In everyday life, ignoring what you cannot see may feel harmless. In IT, it creates a false sense of security and a costly illusion. Although many organizations use some form of asset discovery, 2026 security research from Ivanti reveals that more than 1 in 3 IT professionals (38%) report having insufficient data about devices accessing their networks, and 45% say they lack adequate information about shadow IT. This lack of visibility leaves critical assets at risk of going undetected and unmanaged.

Endpoint visibility has always been foundational to IT and security. You can’t secure, patch or support what you can’t see. But as environments have become more distributed and complex, what visibility means has evolved. It’s no longer enough to know that a device exists — IT teams and organizations as a whole need to understand its health, its risk posture and its impact on both security and user experience.

"We see 10,000 critical vulnerabilities!" "We patched everything last week!" This conversation happens in enterprise IT departments every single day. Security teams present dashboards filled with red alerts. IT teams show deployment reports at 98% success. Both teams are looking at real data. Both are absolutely correct. And both are totally blind to what's actually happening across the endpoint environment. This isn't a people problem — your teams aren't incompetent.

Proof of condition — it’s been around for decades and serves to verify the integrity of everything from material goods to heavy equipment and myriad assets in between. A paper process from the beginning, it has been accompanied by photographs, rubber stamps, and signatures along the way. Still, hard to believe that a quarter way through the 21st century, with ubiquitous mobile device options, so many of these processes continue to reside on clipboards.

Endpoint management is one of the most critical — and most contested — areas of enterprise governance. Every organization depends on endpoints, yet many still struggle to answer a fundamental question: who actually owns these devices? In many environments, IT and security teams are both confident they’re doing the right thing, yet still talk past each other. Security looks at a scanner and sees 10,000 critical vulnerabilities; IT looks at a patch report and sees everything deployed.

Application control is one of those security topics where many people carry old assumptions. Traditional allowlisting feels safe but quickly becomes a maintenance burden. Blocklisting feels reactive and incomplete. And while tools like Microsoft AppLocker led many to believe that strict allowlisting is the gold standard, modern attacks have proven otherwise. Attackers increasingly rely on legitimate, signed tools — used in the wrong context — to bypass list-based controls entirely.