Introduction 

What happens when two enterprises discover the same critical vulnerability at the same time? One remediates it in a few hours. The other is still assessing it weeks later. And how does each of them fare when an attacker finds it first?

The gap between them is not the tools; it is the speed of risk reduction. For years, enterprise vulnerability management has been measured by coverage: how many systems are you scanning? How many vulnerabilities are you finding? How many are being corrected? Those questions still matter, but they are no longer sufficient. The industry has moved on and is visibly accelerating.

To catch up, in April 2026, Anthropic launched Project Glasswing, a cross-industry initiative to secure the world’s most critical software using AI. The initiative brought together AWS, Cisco, Apple, CrowdStrike, Google, JPMorgan Chase, Microsoft, Palo Alto Networks, NVIDIA, Broadcom, and the Linux Foundation. They are all of the opinion that the time from vulnerability discovery to exploitation has collapsed, and that accelerating remediation is the only meaningful response.

For enterprises running legacy HPE Nonstop environments and other infrastructure, this creates an urgent challenge. Enterprises across the world are hardening their modern stacks more than ever. Legacy platforms, if left out, become the easiest target. That is the gap Xypro security solutions are built to close.

Why Speed of Risk Reduction Has Become the New Benchmark 

Traditional vulnerability management was built around periodic cycles: scan and audit periodically, then patch when you can. This made sense when the threat landscape moved slowly and attackers needed time to act on a new CVE. However, this no longer works.

Claude Mythos Preview, the AI model used in Project Glasswing, has already identified thousands of zero-day vulnerabilities across critical infrastructure. Now, the same AI capabilities are available to both defenders and attackers. Hence, the time between a vulnerability being discovered and being actively exploited has shrunk from months to days, and even hours. 

AI-powered vulnerability scanning and remediation has been imagined for quite a while. However, it only became a reality with Glasswing. Companies have yet to use it properly for discovering and fixing CVEs. Enterprises are now scared of how cyber attackers will strike them and what the damage will be.

In this scenario, the critical metric isn’t the number of vulnerabilities found; it is the mean time to remediate (MTTR), or how long it takes to get from detection to a fix. In short, the speed of risk reduction is the new benchmark.

Organizations that have introduced continuous, AI-assisted remediation into their security operations are already moving at a different speed than those that haven’t. HPE Nonstop vulnerability management is no exception. Glasswing has confirmed what leading security teams have known for some time: this is the competitive standard now.

Problems Encountered by Legacy Systems 

Enterprise legacy security may seem too large a responsibility, but neglecting it can cause problems such as:

  • Legacy applications that are on the brink of failure but still in use are more likely to fall prey to intruders.
  • Systems with a larger attack surface and hidden vulnerabilities in their environments make intrusions easier.
  • Old systems carry compliance risks under GDPR, HIPAA, PCI DSS, etc., which can affect anyone from CEOs to employees.
  • Large-scale businesses are likely to be disrupted more, especially if a breach is widespread and massive.
  • Businesses with transitive relationships are often affected when a threat hits one of their entities.

Vulnerability management blind spots are already causing several obstacles that require considerable expenditure of money, time, and resources. Remedying them is as necessary for the company as it is for its clients. 

Legacy Platforms and the Speed Tax 

Legacy systems are slower than modern ones in every aspect, including identifying vulnerabilities and then rectifying them. In practice, this looks like:

  • Little Native Support
    Modern scanners have little or zero native support for legacy applications. As a result, detection gaps cause vulnerabilities to sit undetected for longer before the remediation clock even starts.
  • Limited Patching
    When patches do exist, applying them to legacy environments requires manual direction, change windows, specialist knowledge, and additional vendor support. Each step adds days to MTTR.
  • No SIEM Integration
    Without integration into modern SIEM and SOC toolkits, alerts from legacy systems require manual assessment. This adds a couple of days to analysis time before any solid action can be taken.
  • Periodic Audit Cycles
    Without continuous monitoring, a vulnerability found today might not appear in a report until next week's audit cycle. This gives attackers looking to exploit the system an opening.
  • Restricted Access Control
    Having fewer access control modes in your system increases its security risk. More attackers have the opportunity to enter your system and wreak havoc on it along the way.
  • Custom App Complexity
    Legacy platforms often run custom applications with outdated dependencies, many of them transitive. Understanding the full effect of a vulnerability attack takes longer, causing delays in response.

Each of these factors compounds the others. Consequently, the effect is enormous. Leaving aside Project Glasswing and Claude Mythos security, most organizations aren’t even close to the level of cyber awareness they need to possess.

What Slow Speed of Risk Reduction Actually Costs 

On December 31, 2019, Travelex, a major foreign exchange business, was hit by REvil ransomware (Sodinokibi) through an unpatched Pulse Secure VPN vulnerability (CVE-2019-11510). The vulnerability had been publicly known for months. 

Through lateral movement, the ransomware spread to encrypt critical systems, and the attackers apparently stole 5 GB of customer data. The company paid $2.3 million in Bitcoin, went offline globally for weeks, lost jobs, and faced GDPR compliance exposure.

On October 29, 2023, the British Library suffered a ransomware attack by the Rhysida group, which demanded 20 Bitcoins, or about £600,000 at the time. Since the Library did not agree, the group released 573 GB of data, or about 90% of the staff and user information stolen, to the dark web.

The attack was caused by the compromise of third-party access. For months, services remained affected. Systems remained offline. Recovery cost an estimated £6-7 million.  

In both cases, the question is the same: how long was the window for exploitation, and what would faster remediation have changed?

How Xypro Compresses the Speed of Risk Reduction for Legacy Environments 

XYGATE Aegis Scan is built specifically for HPE Nonstop environments, which tools comparable to those of Project Glasswing can hardly cover. This means that aging operating systems and applications under HPE Nonstop are under its umbrella too. The product’s value is measured in time, as follows: