[{"data":1,"prerenderedAt":1888},["ShallowReactive",2],{"datasources":3,"us-en/blog/the-glasswing-gap/_{\"resolve_relations\":[\"article-list.featured\"]}":268,"f73efb93-0bfc-45a6-98e5-1e7591cae666_{\"find_by\":\"uuid\"}":1436,"us-en/global/the-footer/_{}":1495,"{\"key\":\"8540ee5e-e9b8-44cb-94b5-c7e1fd2b9fe8\",\"by_uuids\":\"8540ee5e-e9b8-44cb-94b5-c7e1fd2b9fe8\",\"page\":{\"value\":1},\"perPage\":{\"value\":null}}":1698,"us-en/global/the-nav/_{}":1745},["Reactive",4],{"departments":5,"industries":27,"partners":88,"pillars":105,"solutions":126,"subpillars":139},[6,11,15,19,23],{"id":7,"name":8,"value":9,"dimension_value":10},10485121,"Operations","operations",null,{"id":12,"name":13,"value":14,"dimension_value":10},10485122,"Marketing","marketing",{"id":16,"name":17,"value":18,"dimension_value":10},10485123,"Engineering","engineering",{"id":20,"name":21,"value":22,"dimension_value":10},10485124,"Design","design",{"id":24,"name":25,"value":26,"dimension_value":10},10485125,"Sales","sales",[28,32,36,40,44,48,52,56,60,64,68,72,76,80,84],{"id":29,"name":30,"value":31,"dimension_value":10},10380999,"Tech","tech",{"id":33,"name":34,"value":35,"dimension_value":10},10381000,"Healthcare","healthcare",{"id":37,"name":38,"value":39,"dimension_value":10},10381001,"Manufacturing","manufacturing",{"id":41,"name":42,"value":43,"dimension_value":10},10381002,"Energy","energy",{"id":45,"name":46,"value":47,"dimension_value":10},10381003,"Commerce","commerce",{"id":49,"name":50,"value":51,"dimension_value":10},10381004,"Education","education",{"id":53,"name":54,"value":55,"dimension_value":10},10381005,"Transportation","transportation",{"id":57,"name":58,"value":59,"dimension_value":10},10381006,"Banking","banking",{"id":61,"name":62,"value":63,"dimension_value":10},10381007,"Construction","construction",{"id":65,"name":66,"value":67,"dimension_value":10},10381008,"Agribusiness","agribusiness",{"id":69,"name":70,"value":71,"dimension_value":10},10381009,"Entertainment","entertainment",{"id":73,"name":74,"value":75,"dimension_value":10},10381010,"Public Sector","public-sector",{"id":77,"name":78,"value":79,"dimension_value":10},10381011,"Telecommunications","telecommunications",{"id":81,"name":82,"value":83,"dimension_value":10},10381012,"Consulting","consulting",{"id":85,"name":86,"value":87,"dimension_value":10},10381013,"Tourism","tourism",[89,93,97,101],{"id":90,"name":91,"value":92,"dimension_value":10},10496371,"Oracle","oracle",{"id":94,"name":95,"value":96,"dimension_value":10},10496372,"SAP","sap",{"id":98,"name":99,"value":100,"dimension_value":10},10496373,"ServiceNow","servicenow",{"id":102,"name":103,"value":104,"dimension_value":10},10496374,"Workday","workday",[106,110,114,118,122],{"id":107,"name":108,"value":109,"dimension_value":10},10375238,"Accounting","accounting",{"id":111,"name":112,"value":113,"dimension_value":10},10375239,"Human Resources","hr",{"id":115,"name":116,"value":117,"dimension_value":10},10375241,"IT Management","it",{"id":119,"name":120,"value":121,"dimension_value":10},10375240,"Procurement","procurement",{"id":123,"name":124,"value":125,"dimension_value":10},10375242,"Finance","finance",[127,131,135],{"id":128,"name":129,"value":130,"dimension_value":10},78651473017282,"Hero Actions","hero-actions",{"id":132,"name":133,"value":134,"dimension_value":10},78651440437697,"Hero Experts","hero-experts",{"id":136,"name":137,"value":138,"dimension_value":10},78651414464960,"Hero Answers","hero-answers",[140,144,148,152,156,160,164,168,172,176,180,184,188,192,196,200,204,208,212,216,220,224,228,232,236,240,244,248,252,256,260,264],{"id":141,"name":142,"value":143,"dimension_value":10},10390447,"Accounting - Accounts Payable","accounting-accountsPayable",{"id":145,"name":146,"value":147,"dimension_value":10},10390448,"Accounting - Accounts Receivable","accounting-accountsReceivable",{"id":149,"name":150,"value":151,"dimension_value":10},10390449,"Accounting - Cash Management","accounting-cashManagement",{"id":153,"name":154,"value":155,"dimension_value":10},10390450,"Accounting - Fixed Assets","accounting-fixedAssets",{"id":157,"name":158,"value":159,"dimension_value":10},10390451,"Accounting - General Ledger","accounting-generalLedger",{"id":161,"name":162,"value":163,"dimension_value":10},92071754000426,"Accounting - Operations","account-operations",{"id":165,"name":166,"value":167,"dimension_value":10},10390452,"Finance - Budget Forecast","finance-budgetForecast",{"id":169,"name":170,"value":171,"dimension_value":10},10390453,"Finance - Financial Reporting","finance-financialReporting",{"id":173,"name":174,"value":175,"dimension_value":10},10390454,"Finance - Reconciliation Configuration","finance-reconciliation",{"id":177,"name":178,"value":179,"dimension_value":10},10390457,"HR - Benefits","hr-benefits",{"id":181,"name":182,"value":183,"dimension_value":10},99288409881645,"HR - Compensation ","hr-compensation",{"id":185,"name":186,"value":187,"dimension_value":10},99288470240302,"HR - Core","hr-core",{"id":189,"name":190,"value":191,"dimension_value":10},99288522570799,"HR - Payroll","hr-payroll",{"id":193,"name":194,"value":195,"dimension_value":10},10390455,"HR - Performance","hr-performance",{"id":197,"name":198,"value":199,"dimension_value":10},99288642522160,"HR - Recruiting","hr-recruiting",{"id":201,"name":202,"value":203,"dimension_value":10},10390464,"Procurement - Purchasing","procurement-purchasing",{"id":205,"name":206,"value":207,"dimension_value":10},10390462,"Procurement - Self-Service","procurement-selfService",{"id":209,"name":210,"value":211,"dimension_value":10},10390463,"Procurement - Sourcing","procurement-sourcing",{"id":213,"name":214,"value":215,"dimension_value":10},99289327455281,"Procurement - Spend","procurement-spend",{"id":217,"name":218,"value":219,"dimension_value":10},99289390603314,"Procurement - Supplier Qualification","procurement-supplierQualification",{"id":221,"name":222,"value":223,"dimension_value":10},99289429318707,"Procurement - Suppliers","procurement-suppliers",{"id":225,"name":226,"value":227,"dimension_value":10},10390458,"IT - Projects","it-projects",{"id":229,"name":230,"value":231,"dimension_value":10},99463818237749,"IT - Grants Management","it-grantsManagement",{"id":233,"name":234,"value":235,"dimension_value":10},99463870510902,"IT - Project Assets","it-assets",{"id":237,"name":238,"value":239,"dimension_value":10},99463918126903,"IT - Project Billing","it-billing",{"id":241,"name":242,"value":243,"dimension_value":10},99463945320248,"IT - Project Budget","it-budget",{"id":245,"name":246,"value":247,"dimension_value":10},99463972955961,"IT - Project Cost","it-cost",{"id":249,"name":250,"value":251,"dimension_value":10},99464025757498,"IT - Enterprise Resources","it-enterpriseResources",{"id":253,"name":254,"value":255,"dimension_value":10},99464099829563,"IT - Project Plan","it-plan",{"id":257,"name":258,"value":259,"dimension_value":10},99464162993980,"IT - Resource Assignments","it-resourceAssignments",{"id":261,"name":262,"value":263,"dimension_value":10},99464912029502,"IT - Resource Management","it-resourceManagement",{"id":265,"name":266,"value":267,"dimension_value":10},99464211191613,"IT - Project Revenue","it-revenue",{"data":269,"headers":1414},{"story":270,"cv":1411,"rels":1412,"links":1413},{"name":271,"created_at":272,"published_at":273,"updated_at":274,"id":275,"uuid":276,"content":277,"slug":1402,"full_slug":1403,"sort_by_date":10,"position":1404,"tag_list":1405,"is_startpage":293,"parent_id":1406,"meta_data":10,"group_id":1407,"first_published_at":1408,"release_id":10,"lang":1409,"path":10,"alternates":1410,"default_full_slug":10,"translated_slugs":10},"The Glasswing Gap","2026-04-21T04:34:06.707Z","2026-04-21T04:50:18.646Z","2026-04-21T04:50:18.671Z",168167205759231,"3eb0dd29-009f-4f87-b043-fafd8ee8b04a",{"_uid":278,"body":279,"date":1370,"tags":1371,"Author":1372,"pillar":1374,"authors":1375,"category":286,"industry":1377,"metadata":1378,"partners":1386,"solution":1387,"component":1388,"thumbnail_desc":314,"thumbnail_image":1389,"thumbnail_heading":271},"9b21db1c-2cad-41cd-a5df-239846ff4595",[280,300,1366],{"_uid":281,"hero":282,"component":299},"bdc45d0d-dcb7-469f-8b91-89c98b00391d",[283],{"_uid":284,"mobile":285,"desktop":289,"component":294,"mobile_safari":295,"desktop_safari":297},"b7df198a-a68c-49c3-ab68-e15f1724eb42",{"id":10,"alt":10,"name":286,"focus":10,"title":10,"source":10,"filename":286,"copyright":10,"fieldtype":287,"meta_data":288},"","asset",{},{"id":290,"alt":286,"name":286,"focus":286,"title":286,"source":286,"filename":291,"copyright":286,"fieldtype":287,"meta_data":292,"is_external_url":293},168171035277517,"https://a.storyblok.com/f/314917/2160x2160/b6d7a9ec69/hacker_transferring_20m_from_a_nano_banana_pro_84613.jpg",{},false,"media",{"id":10,"alt":10,"name":286,"focus":10,"title":10,"source":10,"filename":286,"copyright":10,"fieldtype":287,"meta_data":296},{},{"id":10,"alt":10,"name":286,"focus":10,"title":10,"source":10,"filename":286,"copyright":10,"fieldtype":287,"meta_data":298},{},"hero-blog",{"id":286,"_uid":301,"body":302,"icon":1364,"name":286,"color":286,"theme":286,"pillar":286,"hideNav":293,"aboveNav":293,"solution":286,"animateIn":293,"component":1365,"pageTitle":286},"2e8a8fe1-f253-4397-b0d3-7ebe426bb1dd",[303,1358,1361],{"_uid":304,"body":305,"component":1355,"column_span":1356,"column_start":1357},"9b567e29-589c-4387-bbc3-c9c13244115f",{"type":306,"content":307},"doc",[308,318,329,337,345,353,364,372,380,388,396,404,412,420,430,438,446,454,463,471,479,488,496,504,513,521,535,549,563,577,591,605,619,627,636,644,653,661,669,677,686,694,702,710,719,727,735,743,752,760,768,776,784,793,801,810,818,826,834,842,850,859,867,875,889,903,917,931,945,953,961,970,978,986,994,1002,1010,1018,1026,1034,1043,1051,1059,1067,1075,1083,1091,1099,1108,1116,1125,1133,1141,1150,1158,1166,1175,1183,1191,1200,1208,1216,1225,1233,1241,1250,1314,1323,1331,1339,1347],{"type":309,"attrs":310,"content":312},"heading",{"level":311,"textAlign":10},2,[313,316],{"text":314,"type":315},"Glasswing didn’t miss enterprise applications. It revealed that nobody is defending them.","text",{"type":317},"hard_break",{"type":319,"attrs":320,"content":321},"paragraph",{"textAlign":10},[322],{"text":323,"type":315,"marks":324},"On April 7, 2026, Anthropic announced Project Glasswing, a restricted consortium of twelve technology organizations given early access to Claude Mythos Preview, an unreleased frontier AI model that has autonomously identified thousands of zero-day vulnerabilities in operating systems, web browsers, and other critical infrastructure software. Anthropic declined to release Mythos Preview to the general public on the basis that its capabilities could cause substantial harm if available to adversaries, and simultaneously warned that similar capabilities would proliferate through other AI models within approximately twelve months.",[325],{"type":326,"attrs":327},"textStyle",{"color":328},"#000000",{"type":319,"attrs":330,"content":331},{"textAlign":10},[332],{"text":333,"type":315,"marks":334},"The Glasswing consortium addresses the infrastructure software layer. It does not address the enterprise application layer on which the Fortune 1500 operates its accounts payable, accounts receivable, payroll, general ledger, and treasury. No enterprise application vendor appears in the twelve launch partners. Oracle, SAP, Workday, and ServiceNow are absent. The coalition partners themselves, including Amazon, Apple, Google, Microsoft, Cisco, CrowdStrike, JPMorgan Chase, NVIDIA, and Palo Alto Networks, all operate their own back-office finance and human resources functions on hosted enterprise application platforms from these absent vendors.",[335],{"type":326,"attrs":336},{"color":328},{"type":319,"attrs":338,"content":339},{"textAlign":10},[340],{"text":341,"type":315,"marks":342},"This report describes the resulting exposure. The argument is that the enterprise application layer presents a category of risk that current defensive controls are not designed to address, that the capability required to exploit this risk is available today through commercially accessible AI reasoning systems combined with institutional knowledge of the systems, and that the governance and audit infrastructure most enterprises rely on has not been rebuilt for the threat class that has now arrived.",[343],{"type":326,"attrs":344},{"color":328},{"type":319,"attrs":346,"content":347},{"textAlign":10},[348],{"text":349,"type":315,"marks":350},"The report draws on two decades of Oracle implementation experience, public documentation of Oracle Fusion default configuration, and observation of how these systems are typically deployed and operated in the Fortune 1500. It is written as a field perspective from operators rather than as product marketing. Dayos Pte. Ltd., the author's organization, is an enterprise AI company that builds agentic governance for these systems and has a direct commercial interest in how the market responds to the findings described. Readers should weigh that interest accordingly. The technical claims in the report are independent of the commercial position and are sourced to public documentation and field observation.",[351],{"type":326,"attrs":352},{"color":328},{"type":309,"attrs":354,"content":355},{"level":311,"textAlign":10},[356],{"text":357,"type":315,"marks":358},"The truth about ERP & HCM Systems of Record",[359,362],{"type":326,"attrs":360},{"color":361},"#1F1F1F",{"type":363},"bold",{"type":319,"attrs":365,"content":366},{"textAlign":10},[367],{"text":368,"type":315,"marks":369},"Enterprise ERP systems store the full financial and human resources state of the enterprise, including cash balances, bank account numbers, bank statement detail, supplier master records with banking information, employee master records with direct deposit details, and accounting data that reveals M&A activity, restructurings, and internal financial positions in advance of public disclosure. This data is continuously accessible to any party with authenticated access to the tenant.",[370],{"type":326,"attrs":371},{"color":328},{"type":319,"attrs":373,"content":374},{"textAlign":10},[375],{"text":376,"type":315,"marks":377},"Fraud pathways exist across accounts payable, accounts receivable, payroll, and the reporting layer that allow fund movement, data exfiltration, or both. The pathways do not require traditional vulnerability exploitation. They operate through legitimate system functions composed in ways the system permits.",[378],{"type":326,"attrs":379},{"color":328},{"type":319,"attrs":381,"content":382},{"textAlign":10},[383],{"text":384,"type":315,"marks":385},"Intelligence exposure is a distinct threat category from fraud. Read access to the ERP enables pre-attack reconnaissance on targets, wire fraud targeting material, insider trading on treasury and unreleased financial data, and competitive intelligence on suppliers and customers. The intelligence threat is harder to detect than fraud because reading is indistinguishable from authorized use.",[386],{"type":326,"attrs":387},{"color":328},{"type":319,"attrs":389,"content":390},{"textAlign":10},[391],{"text":392,"type":315,"marks":393},"The primary control CFOs believe protects the enterprise from fraud, periodic reconciliation, has been automated in a way that transforms it from a fraud control into a fraud concealment mechanism when the adversary can insert matching records on both sides of the reconciliation.",[394],{"type":326,"attrs":395},{"color":328},{"type":319,"attrs":397,"content":398},{"textAlign":10},[399],{"text":400,"type":315,"marks":401},"The administrative access required to operate these pathways is most commonly held by offshore managed services consultants, operating under economics that do not support the endpoint security posture the threat model requires. The access is outside the customer's security perimeter and often outside the customer's direct visibility.",[402],{"type":326,"attrs":403},{"color":328},{"type":319,"attrs":405,"content":406},{"textAlign":10},[407],{"text":408,"type":315,"marks":409},"The capability required to compose these pathways is available today through commercially accessible AI reasoning systems combined with institutional knowledge of the systems. The Mythos announcement is a public marker that frontier capability has arrived, not the origin of the threat.",[410],{"type":326,"attrs":411},{"color":328},{"type":319,"attrs":413,"content":414},{"textAlign":10},[415],{"text":416,"type":315,"marks":417},"The Glasswing launch partners themselves face the same exposure that every other Fortune 1500 enterprise faces, through hosted ERP tenants they do not control and cannot evaluate with Mythos.",[418],{"type":326,"attrs":419},{"color":328},{"type":309,"attrs":421,"content":423},{"level":422,"textAlign":10},1,[424],{"text":425,"type":315,"marks":426},"1. The Glasswing Gap",[427,429],{"type":326,"attrs":428},{"color":361},{"type":363},{"type":319,"attrs":431,"content":432},{"textAlign":10},[433],{"text":434,"type":315,"marks":435},"Project Glasswing is Anthropic's response to the capability demonstrated by Claude Mythos Preview. The twelve named launch partners are Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Anthropic has also extended access to more than forty additional organizations that build or maintain critical software infrastructure. The specific composition of the extended cohort has not been publicly enumerated.",[436],{"type":326,"attrs":437},{"color":328},{"type":319,"attrs":439,"content":440},{"textAlign":10},[441],{"text":442,"type":315,"marks":443},"The consortium's stated purpose is to give defenders a head start on the vulnerability surface of foundational infrastructure software before Mythos-class capabilities reach adversaries through other channels. The consortium is oriented toward operating systems, web browsers, silicon, cloud platforms, cryptographic libraries, and security products. The launch partner list reflects this orientation.",[444],{"type":326,"attrs":445},{"color":328},{"type":319,"attrs":447,"content":448},{"textAlign":10},[449],{"text":450,"type":315,"marks":451},"Enterprise application software is absent from the consortium. Oracle, SAP, Workday, ServiceNow, Infor, NetSuite, Salesforce, SuccessFactors, Sage, Dynamics, and the adjacent ecosystem of finance and human resources platforms are not named as launch partners and have not been publicly identified as members of the extended cohort. This absence is structurally significant. The software that runs the Fortune 1500's accounts payable, payroll, general ledger, treasury, and human resources is not being evaluated against Mythos-class capability, either by its vendors or by its customers.",[452],{"type":326,"attrs":453},{"color":328},{"type":309,"attrs":455,"content":456},{"level":311,"textAlign":10},[457],{"text":458,"type":315,"marks":459},"1.1 The coalition partners share the exposure",[460,462],{"type":326,"attrs":461},{"color":361},{"type":363},{"type":319,"attrs":464,"content":465},{"textAlign":10},[466],{"text":467,"type":315,"marks":468},"The twelve Glasswing launch partners themselves run their back-office finance and human resources on the absent enterprise application platforms. Public disclosures, vendor case studies, and industry reporting indicate that Amazon, Apple, Google, and Microsoft operate on SAP S/4 HANA. Cisco, Broadcom, and JPMorgan Chase operate on Oracle Cloud. CrowdStrike operates on Oracle NetSuite and other platforms. NVIDIA and Palo Alto Networks operate on SAP S/4 HANA and Workday. The specific attribution for each partner varies in public sourcing quality, but the aggregate pattern is not in dispute. Every launch partner runs substantial back-office finance and human resources operations on hosted enterprise applications from vendors absent from Glasswing.",[469],{"type":326,"attrs":470},{"color":328},{"type":319,"attrs":472,"content":473},{"textAlign":10},[474],{"text":475,"type":315,"marks":476},"This produces a structural observation. The launch partners publicly committing to defensive security work with Mythos against their own infrastructure have no Mythos-enabled path to evaluate the security posture of the enterprise applications running their own AP, AR, payroll, and treasury. The hosted architecture means the customer cannot independently evaluate the code. The vendor's absence from the coalition means there is no Glasswing-enabled evaluation from the vendor side. The result is a gap the size of the entire back-office footprint of the coalition, identical in shape to the gap every other Fortune 1500 enterprise faces.",[477],{"type":326,"attrs":478},{"color":328},{"type":309,"attrs":480,"content":481},{"level":311,"textAlign":10},[482],{"text":483,"type":315,"marks":484},"1.2 The knowledge half of the capability stack",[485,487],{"type":326,"attrs":486},{"color":361},{"type":363},{"type":319,"attrs":489,"content":490},{"textAlign":10},[491],{"text":492,"type":315,"marks":493},"AI reasoning alone is not sufficient to compromise enterprise application systems. The reasoning must be directed by institutional knowledge of how the systems are architected, how they are typically deployed, which defaults are common in the field, and which composition of legitimate system functions produces harmful outcomes. This knowledge is held by experienced implementers, architects, and support consultants across the global enterprise software labor market. It is not scarce. It is present in tens of thousands of professionals across the Oracle, SAP, Workday, and ServiceNow ecosystems. Some of this population works inside customer enterprises, some works for implementation partners, and some works in the managed services supply chain described later in this report.",[494],{"type":326,"attrs":495},{"color":328},{"type":319,"attrs":497,"content":498},{"textAlign":10},[499],{"text":500,"type":315,"marks":501},"The composition of commodity AI reasoning and commodity ERP knowledge is what produces the threat class this report describes. Neither element is a constraint. The combination has been possible for some time; the Mythos announcement is the public moment when it became unavoidable for defenders to acknowledge.",[502],{"type":326,"attrs":503},{"color":328},{"type":309,"attrs":505,"content":506},{"level":422,"textAlign":10},[507],{"text":508,"type":315,"marks":509},"2. Why Enterprise Applications Matter",[510,512],{"type":326,"attrs":511},{"color":361},{"type":363},{"type":319,"attrs":514,"content":515},{"textAlign":10},[516],{"text":517,"type":315,"marks":518},"Enterprise applications, specifically ERP and HCM platforms, are not ordinary business software. They store the complete financial and human resources state of the enterprise in a single authoritative system. The data they hold includes categories that are more sensitive than most operators appreciate in the aggregate.",[519],{"type":326,"attrs":520},{"color":328},{"type":319,"attrs":522,"content":523},{"textAlign":10},[524,530],{"text":525,"type":315,"marks":526},"Cash and treasury. ",[527,529],{"type":326,"attrs":528},{"color":328},{"type":363},{"text":531,"type":315,"marks":532},"Cash balances by bank, by account, by currency, by legal entity. Bank account numbers. Bank statement detail with incoming and outgoing transactions. Intra-period cash position that is not publicly disclosed until the next quarterly report.",[533],{"type":326,"attrs":534},{"color":328},{"type":319,"attrs":536,"content":537},{"textAlign":10},[538,544],{"text":539,"type":315,"marks":540},"Supplier master. ",[541,543],{"type":326,"attrs":542},{"color":328},{"type":363},{"text":545,"type":315,"marks":546},"Full supplier records including legal names, tax identifiers, bank account numbers, routing information, remittance addresses, contract terms, and payment histories. For a large enterprise, tens of thousands of supplier records with banking information.",[547],{"type":326,"attrs":548},{"color":328},{"type":319,"attrs":550,"content":551},{"textAlign":10},[552,558],{"text":553,"type":315,"marks":554},"Employee master. ",[555,557],{"type":326,"attrs":556},{"color":328},{"type":363},{"text":559,"type":315,"marks":560},"Full employee records including demographic data, national identifiers (Social Security Numbers or equivalent), home addresses, direct deposit bank accounts, dependents, beneficiaries, compensation, and in some deployments, medical benefit elections. For a large enterprise, hundreds of thousands of identity records.",[561],{"type":326,"attrs":562},{"color":328},{"type":319,"attrs":564,"content":565},{"textAlign":10},[566,572],{"text":567,"type":315,"marks":568},"Accounting and general ledger. ",[569,571],{"type":326,"attrs":570},{"color":328},{"type":363},{"text":573,"type":315,"marks":574},"Complete transactional history of the enterprise. Legal entity structure, chart of accounts, intercompany relationships, elimination rules, consolidation structures. The ledger reveals acquisitions in progress through new legal entities and account setups; divestitures through wind-down patterns; restructurings through account reclassifications. Much of this is visible weeks or months before public announcement.",[575],{"type":326,"attrs":576},{"color":328},{"type":319,"attrs":578,"content":579},{"textAlign":10},[580,586],{"text":581,"type":315,"marks":582},"Payroll and benefits. ",[583,585],{"type":326,"attrs":584},{"color":328},{"type":363},{"text":587,"type":315,"marks":588},"Current and historical payroll records, tax withholdings, equity grants, vesting schedules, commission calculations, and deferred compensation. For public company executives, material non-public information about compensation timing and magnitude.",[589],{"type":326,"attrs":590},{"color":328},{"type":319,"attrs":592,"content":593},{"textAlign":10},[594,600],{"text":595,"type":315,"marks":596},"Accounts receivable. ",[597,599],{"type":326,"attrs":598},{"color":328},{"type":363},{"text":601,"type":315,"marks":602},"Customer master records, customer bank information for collections, credit terms, dispute histories, revenue recognition triggers, and cash application details. Revenue timing for a public company is itself a material fact.",[603],{"type":326,"attrs":604},{"color":328},{"type":319,"attrs":606,"content":607},{"textAlign":10},[608,614],{"text":609,"type":315,"marks":610},"Configuration and approval infrastructure. ",[611,613],{"type":326,"attrs":612},{"color":328},{"type":363},{"text":615,"type":315,"marks":616},"The rules that govern how transactions flow through the system. Approval hierarchies, delegation structures, segregation of duties configurations, descriptive flexfield validations. Modifying these changes who can approve what going forward.",[617],{"type":326,"attrs":618},{"color":328},{"type":319,"attrs":620,"content":621},{"textAlign":10},[622],{"text":623,"type":315,"marks":624},"An adversary with sustained authenticated access to a single ERP tenant has reach across all of the above. The data categories compound. The adversary does not have to choose between fraud and intelligence extraction. The same access supports both, and the sustained access required for either also supports the other.",[625],{"type":326,"attrs":626},{"color":328},{"type":309,"attrs":628,"content":629},{"level":422,"textAlign":10},[630],{"text":631,"type":315,"marks":632},"3. Fraud Pathways in the Enterprise Application Layer",[633,635],{"type":326,"attrs":634},{"color":361},{"type":363},{"type":319,"attrs":637,"content":638},{"textAlign":10},[639],{"text":640,"type":315,"marks":641},"The fraud pathways described below operate through legitimate system functions composed in ways the system permits. None require a software vulnerability in the Mythos sense. The Mythos capability matters because it can compose these pathways at machine speed and against configurations an adversary had not previously mapped, but the pathways themselves are available to any adversary with the access and the knowledge.",[642],{"type":326,"attrs":643},{"color":328},{"type":309,"attrs":645,"content":646},{"level":311,"textAlign":10},[647],{"text":648,"type":315,"marks":649},"3.1 Accounts payable and the shared payment pipeline",[650,652],{"type":326,"attrs":651},{"color":361},{"type":363},{"type":319,"attrs":654,"content":655},{"textAlign":10},[656],{"text":657,"type":315,"marks":658},"Oracle Fusion, Workday, and SAP all expose a payment generation pipeline that receives payment instructions from multiple functional modules. Accounts payable generates supplier payments. Payroll generates employee payments. Employee expenses generate reimbursement payments. Each of the three feeds the same shared payment pipeline, which emits payment files to the enterprise's banks.",[659],{"type":326,"attrs":660},{"color":328},{"type":319,"attrs":662,"content":663},{"textAlign":10},[664],{"text":665,"type":315,"marks":666},"This architecture means compromise at the instruction layer in any of the three feeder modules, or at the shared payment pipeline itself, produces the same outcome: funds leave the enterprise under legitimate-looking payment runs. An enterprise that believes its accounts payable controls are strong may have weaker controls on payroll or employee expenses. An adversary targeting the shared pipeline exploits the weakest of the three.",[667],{"type":326,"attrs":668},{"color":328},{"type":319,"attrs":670,"content":671},{"textAlign":10},[672],{"text":673,"type":315,"marks":674},"The specific pathways include insertion of a new supplier site with adversary-controlled bank details on an existing supplier record. The supplier record itself is untouched. The new site becomes the default remit-to for the supplier. Subsequent payments route to the adversary-controlled account. The existing bank accounts on existing sites are unchanged, which means a modification-focused audit trail shows nothing unusual. Insertion of a new supplier with a plausible legal name that resembles a legitimate existing supplier provides a secondary pathway. A fictitious invoice against the new supplier, routed through approval hierarchies designed to clear routine transactions, produces a payment.",[675],{"type":326,"attrs":676},{"color":328},{"type":309,"attrs":678,"content":679},{"level":311,"textAlign":10},[680],{"text":681,"type":315,"marks":682},"3.2 Payroll routing",[683,685],{"type":326,"attrs":684},{"color":361},{"type":363},{"type":319,"attrs":687,"content":688},{"textAlign":10},[689],{"text":690,"type":315,"marks":691},"Employee bank account changes in Oracle HCM, Workday, and SAP SuccessFactors follow patterns that vary by customer configuration. Self-service bank account changes are often enabled for all employees by default, which means an adversary with an authenticated employee account can change the direct deposit through the self-service flow. Where self-service is disabled, the change routes through payroll operations, which is a small team with high throughput and variable verification discipline.",[692],{"type":326,"attrs":693},{"color":328},{"type":319,"attrs":695,"content":696},{"textAlign":10},[697],{"text":698,"type":315,"marks":699},"The executive compensation case is worth naming specifically. Executives are employees for payroll purposes. Their direct deposit bank accounts sit in the same tables and are governed by the same configuration as every other employee. The change scrutiny applied to executive records is often lower than for rank-and-file employees, not higher, because payroll operations tends to defer to executive requests rather than challenge them. Executive payroll events (annual bonuses, equity vesting, sign-on payments, severance) are larger than typical pay cycles and timed to known dates. An adversary who understands the compensation calendar can time a bank account change to land before a large payment event and revert it afterward, which produces a single-cycle routing anomaly that investigators tend to classify as a data entry error.",[700],{"type":326,"attrs":701},{"color":328},{"type":319,"attrs":703,"content":704},{"textAlign":10},[705],{"text":706,"type":315,"marks":707},"The same pathway extends across the executive team. For a public company, the ten most senior executives routinely have aggregate bonus or vesting cycles measured in tens or hundreds of millions of dollars. An adversary operating at the population level rather than the individual level can produce substantial loss over a single cycle with coordinated timing.",[708],{"type":326,"attrs":709},{"color":328},{"type":309,"attrs":711,"content":712},{"level":311,"textAlign":10},[713],{"text":714,"type":315,"marks":715},"3.3 Report and integration layer",[716,718],{"type":326,"attrs":717},{"color":361},{"type":363},{"type":319,"attrs":720,"content":721},{"textAlign":10},[722],{"text":723,"type":315,"marks":724},"Oracle Fusion's BI Publisher, Oracle Transactional Business Intelligence, Workday's reporting framework, and SAP's BusinessObjects layer all permit customers to define reports, schedules, and delivery endpoints. Report definitions run under service account authority rather than user authority. Schedules execute without human review. Delivery endpoints can include external SFTP destinations, email addresses, and API callbacks.",[725],{"type":326,"attrs":726},{"color":328},{"type":319,"attrs":728,"content":729},{"textAlign":10},[730],{"text":731,"type":315,"marks":732},"This layer presents two attack surfaces that the transactional layer does not. The first is payment injection. A modified or newly-defined report template that generates a payment file can emit payments that never existed as invoices or vouchers in the transactional system. The bank receives a payment file formatted correctly and processes the payments. The accounts payable team, searching for the invoice later to reconcile a variance, finds nothing because no invoice exists. The payment is reconciled against a ghost. The control infrastructure at the transactional layer is not engaged because no transaction passed through it.",[733],{"type":326,"attrs":734},{"color":328},{"type":319,"attrs":736,"content":737},{"textAlign":10},[738],{"text":739,"type":315,"marks":740},"The second is data exfiltration. A report scheduled nightly to deliver supplier bank account details, employee direct deposit information, or bank statement data to an external SFTP endpoint is a durable data pipeline. The logging posture at the reporting layer in typical deployments is thinner than at the transactional layer. The report appears in scheduled job listings as ordinary operational reporting. An adversary establishing this pipeline does not need to authenticate again. The pipeline runs indefinitely.",[741],{"type":326,"attrs":742},{"color":328},{"type":309,"attrs":744,"content":745},{"level":311,"textAlign":10},[746],{"text":747,"type":315,"marks":748},"3.4 Accounts receivable",[749,751],{"type":326,"attrs":750},{"color":361},{"type":363},{"type":319,"attrs":753,"content":754},{"textAlign":10},[755],{"text":756,"type":315,"marks":757},"Accounts receivable receives less attention than accounts payable in fraud discussion because money flows inward, which is less immediately attractive than outward fund movement. The AR surface nonetheless presents several pathways worth describing.",[758],{"type":326,"attrs":759},{"color":328},{"type":319,"attrs":761,"content":762},{"textAlign":10},[763],{"text":764,"type":315,"marks":765},"Cash application fraud manipulates how incoming customer payments are applied to customer accounts. An adversary with AR access can misapply legitimate incoming payments to accounts the adversary controls, producing unapplied cash that can then be refunded through the supplier refund pathway in AP. This is a cross-module attack that exploits the boundary between AR and AP, neither of which alone would catch the pattern.",[766],{"type":326,"attrs":767},{"color":328},{"type":319,"attrs":769,"content":770},{"textAlign":10},[771],{"text":772,"type":315,"marks":773},"Credit and write-off manipulation applies unauthorized credits or bad-debt write-offs to customer accounts, reducing receivables in ways that do not move cash but alter the financial picture. For a public company, write-off timing and magnitude is material. Revenue recognition manipulation shifts recognition timing across reporting periods, which is a direct financial reporting concern and a securities law concern.",[774],{"type":326,"attrs":775},{"color":328},{"type":319,"attrs":777,"content":778},{"textAlign":10},[779],{"text":780,"type":315,"marks":781},"Customer relationship sabotage is a variant in which the adversary is not seeking fund movement or information but damage to the enterprise's customer relationships. Altered dispute resolutions, improperly handled collections, incorrect statements, and mishandled credit memos produce customer friction that the enterprise cannot easily trace to a single event.",[782],{"type":326,"attrs":783},{"color":328},{"type":309,"attrs":785,"content":786},{"level":311,"textAlign":10},[787],{"text":788,"type":315,"marks":789},"3.5 Subledger and accounting",[790,792],{"type":326,"attrs":791},{"color":361},{"type":363},{"type":319,"attrs":794,"content":795},{"textAlign":10},[796],{"text":797,"type":315,"marks":798},"The subledger accounting layer in Oracle Fusion (Financial Accounting Hub) and equivalents in SAP and Workday produces journal entries according to configurable rules that map transactions to accounts. Modification of these rules, introduced as new configuration records rather than updates to existing records, changes how future transactions are classified. This is less about direct fund movement and more about concealment of other activity, or about audit evasion by misclassifying transactions into accounts that receive less scrutiny.",[799],{"type":326,"attrs":800},{"color":328},{"type":309,"attrs":802,"content":803},{"level":311,"textAlign":10},[804],{"text":805,"type":315,"marks":806},"3.6 The compound scenario",[807,809],{"type":326,"attrs":808},{"color":361},{"type":363},{"type":319,"attrs":811,"content":812},{"textAlign":10},[813],{"text":814,"type":315,"marks":815},"The pathways above are not alternatives. A sustained adversary composes them. A representative scenario illustrates the compound shape.",[816],{"type":326,"attrs":817},{"color":328},{"type":319,"attrs":819,"content":820},{"textAlign":10},[821],{"text":822,"type":315,"marks":823},"An adversary gains administrative access to a Fusion tenant through a compromised managed services consultant. The adversary establishes a BI Publisher report scheduled to deliver daily cash account balances, bank statement detail, and supplier payment data to an external endpoint. The report runs under a service account; the job appears in scheduled job listings as routine operational reporting.",[824],{"type":326,"attrs":825},{"color":328},{"type":319,"attrs":827,"content":828},{"textAlign":10},[829],{"text":830,"type":315,"marks":831},"Over the next quarter, the adversary reads the exfiltrated data to map the enterprise's cash position, customer receipts, supplier payments, and payroll patterns. The adversary identifies the quarterly executive bonus cycle and its account. One week before the bonus run, the adversary adds a new employee bank account record on the CEO's employee record through an existing compromised session. The change is an insertion into the bank account table as a new effective-dated record, which is how Oracle models bank account changes. The bonus run executes, directing the CEO's bonus to the adversary-controlled account.",[832],{"type":326,"attrs":833},{"color":328},{"type":319,"attrs":835,"content":836},{"textAlign":10},[837],{"text":838,"type":315,"marks":839},"Two days later, the adversary reverts the change by inserting another effective-dated record restoring the CEO's legitimate bank account. The single-cycle routing anomaly on one employee record is flagged during reconciliation. Investigators classify it as a data entry error. The payment reconciles cleanly because the ERP's internal records match the bank's records. The adversary has extracted the bonus, with complete treasury intelligence for the quarter, without modifying any existing record and without executing anything the transactional control framework was designed to catch.",[840],{"type":326,"attrs":841},{"color":328},{"type":319,"attrs":843,"content":844},{"textAlign":10},[845],{"text":846,"type":315,"marks":847},"The scenario is not a demonstration of a specific attack. It is a composition of pathways that each exist independently in typical Fusion deployments. Each component pathway is documented in Oracle's own material or observable in default-configured environments. The composition is what produces the harm.",[848],{"type":326,"attrs":849},{"color":328},{"type":309,"attrs":851,"content":852},{"level":422,"textAlign":10},[853],{"text":854,"type":315,"marks":855},"4. Intelligence Exposure as a Distinct Threat Category",[856,858],{"type":326,"attrs":857},{"color":361},{"type":363},{"type":319,"attrs":860,"content":861},{"textAlign":10},[862],{"text":863,"type":315,"marks":864},"Fraud pathways require the adversary to take actions that eventually produce financial impact. Intelligence extraction does not. An adversary with sustained read access to an enterprise ERP tenant can extract value continuously without executing any fraud at all.",[865],{"type":326,"attrs":866},{"color":328},{"type":319,"attrs":868,"content":869},{"textAlign":10},[870],{"text":871,"type":315,"marks":872},"The intelligence categories available through ERP read access include the following.",[873],{"type":326,"attrs":874},{"color":328},{"type":319,"attrs":876,"content":877},{"textAlign":10},[878,884],{"text":879,"type":315,"marks":880},"Pre-attack reconnaissance. ",[881,883],{"type":326,"attrs":882},{"color":328},{"type":363},{"text":885,"type":315,"marks":886},"Cash balances by account inform which accounts to target for fund-movement fraud. Knowing which AP run draws from which account, and the balance available, transforms a blind attack into a targeted one. The same intelligence improves the success rate of every fraud pathway described in Section 3.",[887],{"type":326,"attrs":888},{"color":328},{"type":319,"attrs":890,"content":891},{"textAlign":10},[892,898],{"text":893,"type":315,"marks":894},"Wire fraud targeting material. ",[895,897],{"type":326,"attrs":896},{"color":328},{"type":363},{"text":899,"type":315,"marks":900},"Bank account numbers, routing information, treasury staff identities from the HCM module, and recent payment patterns are the raw material for wire fraud against the enterprise that does not need to touch the ERP again. The adversary social-engineers the bank with specific internal details, impersonates known personnel, and executes wire fraud using ERP-sourced intelligence against targets the ERP has identified.",[901],{"type":326,"attrs":902},{"color":328},{"type":319,"attrs":904,"content":905},{"textAlign":10},[906,912],{"text":907,"type":315,"marks":908},"Insider trading on cash and operational data. ",[909,911],{"type":326,"attrs":910},{"color":328},{"type":363},{"text":913,"type":315,"marks":914},"Intra-period cash position, accelerating or decelerating receipts from large customers, late-period accounting adjustments, and journal entries that precede public disclosure are visible to anyone with GL access. For a public company, much of this is material non-public information. An adversary with sustained read access has continuous insight into the financial trajectory of the enterprise at a level that ordinary investors never see.",[915],{"type":326,"attrs":916},{"color":328},{"type":319,"attrs":918,"content":919},{"textAlign":10},[920,926],{"text":921,"type":315,"marks":922},"M&A and strategic intelligence. ",[923,925],{"type":326,"attrs":924},{"color":328},{"type":363},{"text":927,"type":315,"marks":928},"New legal entity setups, new intercompany relationships, new chart of accounts structures, and purposeful journal entry patterns reveal acquisitions, divestitures, and restructurings often weeks or months before public announcement. The operational reality of an acquisition preparing for close is visible in the ERP before it is visible anywhere else.",[929],{"type":326,"attrs":930},{"color":328},{"type":319,"attrs":932,"content":933},{"textAlign":10},[934,940],{"text":935,"type":315,"marks":936},"Supplier and customer intelligence. ",[937,939],{"type":326,"attrs":938},{"color":328},{"type":363},{"text":941,"type":315,"marks":942},"Payment patterns to suppliers reveal supply chain relationships, concentrations, and dependencies. Receipts from customers reveal revenue concentration and major customer health. Much of this aggregate data is publicly inferable for large enterprises; the granular transaction-level detail available in the ERP is not.",[943],{"type":326,"attrs":944},{"color":328},{"type":319,"attrs":946,"content":947},{"textAlign":10},[948],{"text":949,"type":315,"marks":950},"The intelligence threat is structurally harder to detect than the fraud threat. Reading is a legitimate function of ERP use. Users access reports, review transactions, and query data as part of normal work. An adversary reading the same data is indistinguishable from an authorized user unless the monitoring infrastructure specifically looks for patterns of access that differ from expected usage. Typical deployments do not have this infrastructure at the application layer. Network-level data loss prevention catches some exfiltration patterns but is blind to reporting-layer pipelines that run under service accounts with legitimate-looking endpoints.",[951],{"type":326,"attrs":952},{"color":328},{"type":319,"attrs":954,"content":955},{"textAlign":10},[956],{"text":957,"type":315,"marks":958},"The commercial consequence is that an adversary optimizing for information yield rather than fraud yield can extract more value over a fiscal period, at lower risk of detection, than through any direct fraud pathway. A compromised ERP is not primarily a fraud exposure. It is a financial intelligence leak of the first order, with fraud capability as an adjacent property.",[959],{"type":326,"attrs":960},{"color":328},{"type":309,"attrs":962,"content":963},{"level":422,"textAlign":10},[964],{"text":965,"type":315,"marks":966},"5. Reconciliation as a Control Failure Mode",[967,969],{"type":326,"attrs":968},{"color":361},{"type":363},{"type":319,"attrs":971,"content":972},{"textAlign":10},[973],{"text":974,"type":315,"marks":975},"Finance leaders ask, reasonably, what controls protect the enterprise from the fraud pathways described in Section 3. The answer most commonly cited is reconciliation. Bank accounts are reconciled periodically against the general ledger. Unmatched items are investigated. Discrepancies surface. This has been the cornerstone of financial control for decades.",[976],{"type":326,"attrs":977},{"color":328},{"type":319,"attrs":979,"content":980},{"textAlign":10},[981],{"text":982,"type":315,"marks":983},"In a modern hosted ERP deployment, reconciliation has been automated. Bank statements load into the ERP on a schedule. A matching engine compares bank transactions against ERP transaction records based on rules configured by the customer. Matched items are marked reconciled and flow through without human review. Unmatched items are flagged for investigation. The control the CFO believes is in place has become a matching engine with an exception queue.",[984],{"type":326,"attrs":985},{"color":328},{"type":319,"attrs":987,"content":988},{"textAlign":10},[989],{"text":990,"type":315,"marks":991},"This architecture has a specific failure mode against adversaries who control both sides of the reconciliation. A fraudulent payment inserted into the ERP generates a bank transaction when it clears. When the bank statement loads, the matching engine compares the bank transaction to the ERP record, finds that they agree on amount, date, and payee, and marks the reconciliation complete. The fraud is concealed by the same mechanism the CFO believes is protecting against it. Matched reconciliation status is not evidence that the transaction is legitimate. It is evidence that the ERP and the bank agree on the transaction. For fraud that introduces matching records on both sides, the reconciliation is a concealment mechanism, not a control.",[992],{"type":326,"attrs":993},{"color":328},{"type":319,"attrs":995,"content":996},{"textAlign":10},[997],{"text":998,"type":315,"marks":999},"Third-party reconciliation tools such as BlackLine, Trintech, and FloQast add a layer of process visibility and typically include human certification as part of the close. The matching logic in these tools is comparable to the ERP's matching logic, and matched items clear through the same way. Human certification on matched items is typically a high-volume review optimized for efficiency, not for fraud detection at the per-transaction level. These tools reduce exposure relative to native ERP reconciliation alone but do not eliminate it. An adversary whose fraud matches cleanly reaches the general ledger through both paths.",[1000],{"type":326,"attrs":1001},{"color":328},{"type":319,"attrs":1003,"content":1004},{"textAlign":10},[1005],{"text":1006,"type":315,"marks":1007},"The broader implication is that the internal control framework most enterprises rely on has been silently rebalanced over the last fifteen years toward automation-friendly controls that assume a threat model of occasional human insider activity at human tempo. The new threat model, with composable attacks at machine speed from adversaries with deep knowledge of the system, invalidates the rebalancing. Finance organizations that automated reconciliation for efficiency gains did not reprice their control environment for the changed threat. Most have not yet noticed.",[1008],{"type":326,"attrs":1009},{"color":328},{"type":319,"attrs":1011,"content":1012},{"textAlign":10},[1013],{"text":1014,"type":315,"marks":1015},"Two adjacent observations are worth recording, though each will generate response from the respective professional communities.",[1016],{"type":326,"attrs":1017},{"color":328},{"type":319,"attrs":1019,"content":1020},{"textAlign":10},[1021],{"text":1022,"type":315,"marks":1023},"External audit substantive testing of accounts payable typically samples from AP transactions and verifies supporting documentation, approvals, and cash disbursement. An adversary whose fraud matches cleanly produces a complete audit trail at each point: the AP record exists, approval routing is evidenced, cash disbursement is reconciled. A sample of the fraudulent transaction passes substantive testing because all the evidence is consistent. Audit methodology as currently practiced is not designed to detect this threat class and will not catch it in ordinary course.",[1024],{"type":326,"attrs":1025},{"color":328},{"type":319,"attrs":1027,"content":1028},{"textAlign":10},[1029],{"text":1030,"type":315,"marks":1031},"Sarbanes-Oxley internal control frameworks for IT general controls test access controls, change management, and segregation of duties as operating controls. An auto-reconciliation process operating according to its configuration passes IT general control testing because the control is operating as designed. The control's design is the failure point. IT general control testing is not scoped to challenge design adequacy against emerging threat models. Sarbanes-Oxley compliant enterprises are not protected against this threat class by their SOX programs.",[1032],{"type":326,"attrs":1033},{"color":328},{"type":309,"attrs":1035,"content":1036},{"level":422,"textAlign":10},[1037],{"text":1038,"type":315,"marks":1039},"6. The Administrative Access Supply Chain",[1040,1042],{"type":326,"attrs":1041},{"color":361},{"type":363},{"type":319,"attrs":1044,"content":1045},{"textAlign":10},[1046],{"text":1047,"type":315,"marks":1048},"Every fraud and intelligence pathway described above assumes adversary access to the ERP tenant. The access required to execute most of these pathways is administrative or near-administrative. In the typical Fortune 1500 deployment, administrative access to Oracle Fusion, Workday, SAP, and ServiceNow is held primarily by offshore managed services consultants, operating under subcontract from implementation partners and support providers.",[1049],{"type":326,"attrs":1050},{"color":328},{"type":319,"attrs":1052,"content":1053},{"textAlign":10},[1054],{"text":1055,"type":315,"marks":1056},"The offshoring managed services model has specific structural properties that compound the exposure described elsewhere in this report. The model is economically oriented around headcount margin. Providers bid contracts at labor rates that assume a cost structure per seat, and that cost structure does not accommodate the endpoint security posture Fortune 1500 enterprises would require of their own employees. Hardened laptops with enterprise-grade endpoint detection, full disk encryption under the customer's key management, managed device attestation, and lifecycle controls are capital and operational investments the bid economics do not support. Providers therefore typically operate with lighter endpoint posture than the customer's own internal workforce, despite having broader access to the customer's core systems.",[1057],{"type":326,"attrs":1058},{"color":328},{"type":319,"attrs":1060,"content":1061},{"textAlign":10},[1062],{"text":1063,"type":315,"marks":1064},"Consultant turnover compounds the endpoint gap. Attrition rates in offshore services commonly exceed twenty percent annually in major delivery centers. Consultants rotate across customers and across providers. A consultant moving from one provider to another across the same city in India carries institutional knowledge of the previous customer's tenant, configurations, and administrative procedures. Credential deprovisioning hygiene across this mobility is variable. The receiving provider benefits from the consultant's prior knowledge regardless of whether the knowledge was intended to transfer.",[1065],{"type":326,"attrs":1066},{"color":328},{"type":319,"attrs":1068,"content":1069},{"textAlign":10},[1070],{"text":1071,"type":315,"marks":1072},"Hardware lifecycle at headcount-margin-optimized providers includes device reassignment across consultants and customers. A laptop provisioned for Consultant A on Customer X is typically reassigned to Consultant B on Customer Y when Consultant A departs. The sanitization performed during reassignment is operationally lightweight and does not meet the forensic sanitization standards customers would expect. Artifacts from the prior consultant's work, including cached sessions, saved credentials, and configuration documentation, can persist. The receiving consultant has an operational head start on a customer they were never authorized to access, through artifacts left by someone who was.",[1073],{"type":326,"attrs":1074},{"color":328},{"type":319,"attrs":1076,"content":1077},{"textAlign":10},[1078],{"text":1079,"type":315,"marks":1080},"Compromise of the administrative access itself is therefore not a traditional security exploit. It is a human supply chain compromise. An adversary does not need to solve the access problem. The access has already been solved by the managed services industry. The adversary needs to compromise a person who holds it. Phishing, social engineering, insider recruitment, and financial or family pressure in jurisdictions where investigative reach is limited all apply. A single successful compromise of a single consultant in a single delivery center produces access to customer tenants that the customer's own security perimeter cannot protect, because the customer's perimeter does not extend to the provider's delivery center.",[1081],{"type":326,"attrs":1082},{"color":328},{"type":319,"attrs":1084,"content":1085},{"textAlign":10},[1086],{"text":1087,"type":315,"marks":1088},"The structural implication is that the deployment vulnerabilities described elsewhere in this report are downstream of the managed services economics, not upstream. Implementations are configured quickly because the bid did not include time for careful role design. Seeded account passwords are rotated to memorable values because the consultants need to share them to work in teams. Audit logging is configured minimally because nobody on the implementation team knew to ask about it and the customer's security organization was not in the implementation room. The weaknesses are not accidents. They are the predictable operational expression of the economic model the customer chose when the procurement decision was made.",[1089],{"type":326,"attrs":1090},{"color":328},{"type":319,"attrs":1092,"content":1093},{"textAlign":10},[1094],{"text":1095,"type":315,"marks":1096},"Customers thinking of their ERP as inside their security perimeter are working from a mental model that is no longer accurate. The perimeter extends to whichever managed services organization holds administrative access, which is typically distributed across multiple countries, time zones, and legal jurisdictions. The customer has no direct visibility into this perimeter. The customer accepted it when the managed services contract was signed.",[1097],{"type":326,"attrs":1098},{"color":328},{"type":309,"attrs":1100,"content":1101},{"level":422,"textAlign":10},[1102],{"text":1103,"type":315,"marks":1104},"7. A Governance Framework for the Enterprise Application Layer",[1105,1107],{"type":326,"attrs":1106},{"color":361},{"type":363},{"type":319,"attrs":1109,"content":1110},{"textAlign":10},[1111],{"text":1112,"type":315,"marks":1113},"The threat class this report describes does not have a single-control response. Better endpoints will not close it. More audit logging will not close it. Tighter segregation of duties will not close it, though all three are necessary. The response is structural and spans the access architecture, the control framework, the administrative supply chain, and the detection infrastructure.",[1114],{"type":326,"attrs":1115},{"color":328},{"type":309,"attrs":1117,"content":1118},{"level":311,"textAlign":10},[1119],{"text":1120,"type":315,"marks":1121},"7.1 Access architecture",[1122,1124],{"type":326,"attrs":1123},{"color":361},{"type":363},{"type":319,"attrs":1126,"content":1127},{"textAlign":10},[1128],{"text":1129,"type":315,"marks":1130},"The strongest form of access control in the enterprise application layer is not governance of privileged access but elimination of privileged access where it is not required. A service provider or integration partner does not need update and delete authority on existing records to deliver value to the customer. Insert-only access, enforced at the ERP role and privilege layer, closes off the direct-tampering and evidence-destruction attack paths that are the most damaging category of insider action. Customers should consider this posture for their own external support relationships and evaluate whether service providers can operate under it.",[1131],{"type":326,"attrs":1132},{"color":328},{"type":319,"attrs":1134,"content":1135},{"textAlign":10},[1136],{"text":1137,"type":315,"marks":1138},"Where administrative access is required, it should be time-bound, ticket-linked, and attributable to a named individual rather than a team. Shared service accounts and persistent administrative credentials held across consultant rotations are artifacts of the headcount-margin economic model and should be understood as such when they are encountered.",[1139],{"type":326,"attrs":1140},{"color":328},{"type":309,"attrs":1142,"content":1143},{"level":311,"textAlign":10},[1144],{"text":1145,"type":315,"marks":1146},"7.2 Control framework",[1147,1149],{"type":326,"attrs":1148},{"color":361},{"type":363},{"type":319,"attrs":1151,"content":1152},{"textAlign":10},[1153],{"text":1154,"type":315,"marks":1155},"Customers should revisit the assumptions embedded in their current control framework against the threat model this report describes. Reconciliation automation in particular should be evaluated against the specific question of whether it functions as a fraud control or as a matching engine. In most deployments, it is the latter. Compensating controls specifically designed to detect matched transactions that represent fraud are required and are not typically present.",[1156],{"type":326,"attrs":1157},{"color":328},{"type":319,"attrs":1159,"content":1160},{"textAlign":10},[1161],{"text":1162,"type":315,"marks":1163},"Approval architecture provides structural defense against many of the fraud pathways described, but approval configuration is itself an object class that can be modified by sufficiently privileged users. Read access to the approval configuration, and monitoring of changes to approval rules and delegation, are essential complements to the approvals themselves.",[1164],{"type":326,"attrs":1165},{"color":328},{"type":309,"attrs":1167,"content":1168},{"level":311,"textAlign":10},[1169],{"text":1170,"type":315,"marks":1171},"7.3 Administrative supply chain",[1172,1174],{"type":326,"attrs":1173},{"color":361},{"type":363},{"type":319,"attrs":1176,"content":1177},{"textAlign":10},[1178],{"text":1179,"type":315,"marks":1180},"Customers should evaluate their administrative supply chain against the specific security posture required for the threat class, not against the compliance documents produced during procurement. The relevant questions include: what endpoint security actually runs on the devices that access the tenant; how is credential deprovisioning handled across consultant turnover; what hardware sanitization procedures apply to device reassignment; what jurisdictions hold consultant records and what investigative reach does the customer retain in those jurisdictions; how is shared versus named access managed in the support model.",[1181],{"type":326,"attrs":1182},{"color":328},{"type":319,"attrs":1184,"content":1185},{"textAlign":10},[1186],{"text":1187,"type":315,"marks":1188},"Customers should recognize that the cost of doing this right is higher than the cost they have been paying. The economic floor for a defensible administrative support model is above the price point at which offshore managed services competitors win contracts today. Price-based procurement below the floor is a security decision being made through the procurement process without explicit acknowledgment.",[1189],{"type":326,"attrs":1190},{"color":328},{"type":309,"attrs":1192,"content":1193},{"level":311,"textAlign":10},[1194],{"text":1195,"type":315,"marks":1196},"7.4 Detection infrastructure",[1197,1199],{"type":326,"attrs":1198},{"color":361},{"type":363},{"type":319,"attrs":1201,"content":1202},{"textAlign":10},[1203],{"text":1204,"type":315,"marks":1205},"Detection of the threat class described requires agentic reasoning on the system's own activity, because the threats compose legitimate functions in sequences the transactional monitoring infrastructure was not designed to see. Pattern detection across sessions, ticket linkage, anomaly surfacing on sensitive object classes, and customer-visible evidence of external party actions in the tenant are the capability shape required. Customers should evaluate whether they have this shape in place today and should not assume that existing SIEM or DLP infrastructure covers the enterprise application layer at this level.",[1206],{"type":326,"attrs":1207},{"color":328},{"type":319,"attrs":1209,"content":1210},{"textAlign":10},[1211],{"text":1212,"type":315,"marks":1213},"The AI era requires detection infrastructure that is itself capable of AI-era reasoning. Humans reviewing logs at human cadence will not scale to adversaries composing attacks at machine speed. This does not remove the human from the loop. It repositions the human from log review to oversight of the agentic monitoring system.",[1214],{"type":326,"attrs":1215},{"color":328},{"type":309,"attrs":1217,"content":1218},{"level":311,"textAlign":10},[1219],{"text":1220,"type":315,"marks":1221},"7.5 Who should operate this layer",[1222,1224],{"type":326,"attrs":1223},{"color":361},{"type":363},{"type":319,"attrs":1226,"content":1227},{"textAlign":10},[1228],{"text":1229,"type":315,"marks":1230},"The governance layer described sits between the customer's ERP tenant and the humans who interact with it. Operating this layer requires product-level knowledge of the enterprise application platforms, fluency in agentic AI engineering, and operational discipline of the kind ordinarily found in security products rather than in ERP consulting practices. The intersection is small. Traditional ERP consulting firms have the product knowledge and not the agentic AI engineering. Traditional security firms have the engineering and not the product knowledge. The gap the report describes is also a gap in the service provider market.",[1231],{"type":326,"attrs":1232},{"color":328},{"type":319,"attrs":1234,"content":1235},{"textAlign":10},[1236],{"text":1237,"type":315,"marks":1238},"Customers evaluating their response should look specifically for providers that hold both halves of the capability, that operate under an administrative access model compatible with the access architecture principles described above, and that can demonstrate their own governance posture rather than merely claim it. Certifications such as ISO 42001 and SOC 2 Type 2 are necessary but not sufficient signals. The operational posture (named access, insert-only scoping where possible, endpoint hardening, small senior teams rather than large rotating pools) is the substance.",[1239],{"type":326,"attrs":1240},{"color":328},{"type":309,"attrs":1242,"content":1243},{"level":422,"textAlign":10},[1244],{"text":1245,"type":315,"marks":1246},"8. What This Report Does Not Claim",[1247,1249],{"type":326,"attrs":1248},{"color":361},{"type":363},{"type":1251,"content":1252},"bullet_list",[1253,1264,1274,1284,1294,1304],{"type":1254,"content":1255},"list_item",[1256],{"type":319,"attrs":1257,"content":1258},{"textAlign":10},[1259],{"text":1260,"type":315,"marks":1261},"This report does not claim Oracle Fusion is uniquely weak among enterprise application platforms. The same structural argument applies to Workday, SAP, and ServiceNow, and subsequent reports in this series will cover each. Oracle is addressed first because the authors' depth of experience is greatest there.",[1262],{"type":326,"attrs":1263},{"color":328},{"type":1254,"content":1265},[1266],{"type":319,"attrs":1267,"content":1268},{"textAlign":10},[1269],{"text":1270,"type":315,"marks":1271},"This report does not claim any specific customer deployment is exposed in a specific way. All statements about production deployments are based on observation of how these systems are typically configured, and on public vendor documentation of default postures. No specific customer tenant is referenced or analyzed.",[1272],{"type":326,"attrs":1273},{"color":328},{"type":1254,"content":1275},[1276],{"type":319,"attrs":1277,"content":1278},{"textAlign":10},[1279],{"text":1280,"type":315,"marks":1281},"This report does not provide working exploit material, credential lists, or specific attack sequences. The threat classes described are abstracted to their structural form. An adversary reading this report gains no capability they did not already have; a defender gains a framework for evaluating their posture.",[1282],{"type":326,"attrs":1283},{"color":328},{"type":1254,"content":1285},[1286],{"type":319,"attrs":1287,"content":1288},{"textAlign":10},[1289],{"text":1290,"type":315,"marks":1291},"This report does not claim that agentic governance from any specific vendor, including Dayos, is the only correct response. The governance framework in Section 7 is vendor-neutral. Dayos happens to fit the shape of the framework, and readers who find the framework persuasive will encounter Dayos as one credible implementation. The argument is for the structural response, not for Dayos.",[1292],{"type":326,"attrs":1293},{"color":328},{"type":1254,"content":1295},[1296],{"type":319,"attrs":1297,"content":1298},{"textAlign":10},[1299],{"text":1300,"type":315,"marks":1301},"This report does not claim that offshore managed services providers are uniquely irresponsible or that their consultants are adversaries. The argument is about structural economics, not about the ethics or competence of individual workers. The consultants work in an economic model their customers selected; criticism belongs with the model and the procurement decisions that sustained it, not with the individuals.",[1302],{"type":326,"attrs":1303},{"color":328},{"type":1254,"content":1305},[1306],{"type":319,"attrs":1307,"content":1308},{"textAlign":10},[1309],{"text":1310,"type":315,"marks":1311},"This report does not claim that Mythos itself will be used to execute attacks against enterprise applications. Anthropic retains control of Mythos and has structured Project Glasswing around defensive use. The concern is the proliferation of similar capabilities through other channels on the timeline Anthropic itself has published.",[1312],{"type":326,"attrs":1313},{"color":328},{"type":309,"attrs":1315,"content":1316},{"level":422,"textAlign":10},[1317],{"text":1318,"type":315,"marks":1319},"9. Conclusion",[1320,1322],{"type":326,"attrs":1321},{"color":361},{"type":363},{"type":319,"attrs":1324,"content":1325},{"textAlign":10},[1326],{"text":1327,"type":315,"marks":1328},"Enterprise application security needs to be re-evaluated for the AI era. The evaluation that most enterprises have done to date assumed a threat model oriented around human insiders, external vulnerability exploitation, and occasional fraud at human tempo. That threat model is obsolete. The capability to compose legitimate system functions into harmful sequences is now available to adversaries at a level that the controls most enterprises rely on are not designed to detect.",[1329],{"type":326,"attrs":1330},{"color":328},{"type":319,"attrs":1332,"content":1333},{"textAlign":10},[1334],{"text":1335,"type":315,"marks":1336},"The Glasswing consortium is a meaningful response to the infrastructure layer. It does not address the enterprise application layer. The absence is structural, not oversight, and the gap it leaves is the size of the back-office footprint of every enterprise that runs on Oracle, SAP, Workday, ServiceNow, or their adjacent platforms, including the Glasswing launch partners themselves.",[1337],{"type":326,"attrs":1338},{"color":328},{"type":319,"attrs":1340,"content":1341},{"textAlign":10},[1342],{"text":1343,"type":315,"marks":1344},"The response is a new governance layer on top of the enterprise application platforms, operating at the access architecture, control framework, administrative supply chain, and detection infrastructure simultaneously. AI-first providers with deep ERP product knowledge are positioned to build and operate this layer. Traditional providers from the ERP consulting and security verticals are not, absent substantial rebuilding of their models. Customers choosing who should operate this layer on their behalf should evaluate with the threat model in this report in mind.",[1345],{"type":326,"attrs":1346},{"color":328},{"type":319,"attrs":1348,"content":1349},{"textAlign":10},[1350],{"text":1351,"type":315,"marks":1352},"The urgency is not the Mythos announcement. Mythos is the marker. The urgency is that the capability the announcement reveals has been quietly accumulating in the infrastructure of adversaries and will continue to proliferate through channels that guardrails and restricted-access programs cannot fully close. Enterprise application security must be evaluated now, against the threat class as it exists, not against the threat class as it existed before 2026.",[1353],{"type":326,"attrs":1354},{"color":328},"article-content","8","3",{"_uid":1359,"component":1360},"f66cb98d-64f5-43d7-a1ed-9cdc08aab27f","article-author",{"_uid":1362,"component":1363},"f2141500-99d2-44e4-ab83-f243b6f4db25","article-share",[],"article-section",{"ref":1367,"_uid":1368,"component":1369},"f73efb93-0bfc-45a6-98e5-1e7591cae666","4549a929-ab04-46f2-b4ef-4f548c427d9d","global-reference","2026-04-20 00:00","Primary Tags\n\nEnterprise AI\nAI Agents\nERP Automation\nAI Memory\n\nTechnical Tags\n\nLangMem\nMem0\nSemantic Memory\nEpisodic Memory\nVector Database\npgvector\nPostgreSQL\nEmbeddings\nHNSW Index\n\nUse Case / Domain Tags\n\nFinance Automation\nAccounting AI\nBack-Office Automation\nFinancial Close\nWorkflow Automation\n\nPlatform / Brand Tags\n\nDayos\nHero Platform\nEnterprise Software\nAI Platform\n\nAdvanced / Niche Tags\n\nAgentic AI\nMemory Architecture\nContextual AI\nLLM Systems",[1373],"0094aad6-7f3e-4bce-af6a-56ce1d136f2d",[117],[1376],"8540ee5e-e9b8-44cb-94b5-c7e1fd2b9fe8",[31],[1379],{"_uid":1380,"component":1381,"page_image":1382,"page_title":314,"meta_noIndex":293,"canonical_url":1384,"meta_noFollow":293,"page_keywords":1385,"page_description":314},"e62f1e56-a5fa-433c-acbf-69be8f44f944","metadata-seo",{"id":10,"alt":10,"name":286,"focus":10,"title":10,"source":10,"filename":286,"copyright":10,"fieldtype":287,"meta_data":1383},{},"https://www.dayos.com/blog/the-glasswing-gap","AI Security\nEnterprise Risk\nERP\nCybersecurity\nAI Governance\nFinance Transformation\nInternal Audit\nDigital Risk",[92,104,96,100],[130],"content-article",[1390],{"_uid":1391,"mobile":1392,"desktop":1394,"component":294,"mobile_safari":1398,"desktop_safari":1400},"6bf76ffd-ce5b-47f6-975d-f04f956d44a0",{"id":10,"alt":10,"name":286,"focus":10,"title":10,"source":10,"filename":286,"copyright":10,"fieldtype":287,"meta_data":1393},{},{"id":1395,"alt":286,"name":286,"focus":286,"title":286,"source":286,"filename":1396,"copyright":286,"fieldtype":287,"meta_data":1397,"is_external_url":293},168169804478653,"https://a.storyblok.com/f/314917/3870x2160/585fae80c5/_esrgan_65877.jpg",{},{"id":10,"alt":10,"name":286,"focus":10,"title":10,"source":10,"filename":286,"copyright":10,"fieldtype":287,"meta_data":1399},{},{"id":10,"alt":10,"name":286,"focus":10,"title":10,"source":10,"filename":286,"copyright":10,"fieldtype":287,"meta_data":1401},{},"the-glasswing-gap","us-en/blog/the-glasswing-gap",-180,[],597785169,"0b1f6a90-1b9e-440e-a3f7-80150a4d1bc4","2026-04-21T04:45:26.310Z","default",[],1776747019,[],[],{"cache-control":1415,"connection":1416,"content-encoding":1417,"content-type":1418,"date":1419,"etag":1420,"referrer-policy":1421,"sb-be-version":1422,"server":1423,"transfer-encoding":1424,"vary":1425,"via":1426,"x-amz-cf-id":1427,"x-amz-cf-pop":1428,"x-cache":1429,"x-content-type-options":1430,"x-frame-options":1431,"x-permitted-cross-domain-policies":1432,"x-request-id":1433,"x-runtime":1434,"x-xss-protection":1435},"max-age=0, public, s-maxage=604800, stale-if-error=3600","keep-alive","gzip","application/json; charset=utf-8","Tue, 21 Apr 2026 04:52:33 GMT","W/\"16f5990d9a72dad1e91777f5cdb78ef0\"","strict-origin-when-cross-origin","5.747.1","nginx/1.29.1","chunked","Origin,Accept-Encoding","1.1 978b1b29b70b082668c3d920b0bbe7d4.cloudfront.net (CloudFront)","xcuPn9inNIDJ2WoPm3ZCLhELvkPEhbdOKnQ7QCkZdG8nATP9YOttMg==","IAD55-P6","Miss from cloudfront","nosniff","SAMEORIGIN","none","3d5458d4-4831-4d0c-9d96-ce0ae5fc9b26","0.027644","0",{"data":1437,"headers":1486},{"story":1438,"cv":1411,"rels":1484,"links":1485},{"name":1439,"created_at":1440,"published_at":1441,"updated_at":1442,"id":1443,"uuid":1367,"content":1444,"slug":1476,"full_slug":1477,"sort_by_date":10,"position":1478,"tag_list":1479,"is_startpage":293,"parent_id":1480,"meta_data":10,"group_id":1481,"first_published_at":1482,"release_id":10,"lang":1409,"path":10,"alternates":1483,"default_full_slug":10,"translated_slugs":10},"Footer Entry","2025-01-13T02:32:31.002Z","2025-10-09T08:32:34.268Z","2025-10-06T04:49:22.568Z",607681104,{"_uid":1445,"items":1446,"component":1475},"2b8a937f-50d2-4c88-8589-82a2f3a304f5",[1447,1462],{"cta":1448,"_uid":1457,"desc":1458,"theme":1459,"heading":1460,"component":1461},[1449],{"to":1450,"_uid":1453,"label":286,"layout":1454,"modalId":1455,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":286,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":286},"story","multilink","9f9e49c1-4bda-4d74-9a90-47dcdd48dabc","tertiary","intro","cta","396a6ca0-968f-4147-9df6-ac6811251f71","Let’s transform the way work works. Book an intro to see our demo in action. ","white","Schedule\na Demo","entry-item1",{"to":1463,"cta":1466,"_uid":1472,"desc":1473,"theme":1459,"heading":1474,"component":1461,"openInNewTab":293},{"id":286,"url":1464,"linktype":1465,"fieldtype":1452,"cached_url":1464},"/","url",[1467],{"to":1468,"_uid":1471,"label":286,"theme":286,"layout":1454,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1469,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1470},"d165d8ad-81ba-4566-93f5-a708cb5604b1","us-en/company","e45938da-d436-4407-bd08-f0a08dd54088","472de4ef-6814-4c13-81b1-6cdb451c5449","Learn more about our company's journey in redefining how good work gets done. ","About\nus","entry1","footer-entry","us-en/global/footer-entry",-20,[],586593475,"76a35c96-d91b-4311-b9d9-c3af477aed5c","2025-01-13T02:34:04.173Z",[],[],[],{"age":1487,"cache-control":1415,"connection":1416,"content-encoding":1417,"content-type":1418,"date":1488,"etag":1489,"referrer-policy":1421,"sb-be-version":1422,"server":1423,"transfer-encoding":1424,"vary":1425,"via":1490,"x-amz-cf-id":1491,"x-amz-cf-pop":1428,"x-cache":1492,"x-content-type-options":1430,"x-frame-options":1431,"x-permitted-cross-domain-policies":1432,"x-request-id":1493,"x-runtime":1494,"x-xss-protection":1435},"37","Tue, 21 Apr 2026 04:51:57 GMT","W/\"87baef52e5a4d46071535391da1bdd51\"","1.1 eafa30ac9eebc826d698b6b51868b24a.cloudfront.net (CloudFront)","YYM6GaI5ZQTb5E1ffVOn4lvYtzo6Za2_RCrq68AhJc5kt2SC0UdpjQ==","Hit from cloudfront","fd78363a-8d94-42ca-8542-1f3bf2c9dc5e","0.016124",{"data":1496,"headers":1692},{"story":1497,"cv":1411,"rels":1690,"links":1691},{"name":1498,"created_at":1499,"published_at":1500,"updated_at":1501,"id":1502,"uuid":1503,"content":1504,"slug":1683,"full_slug":1684,"sort_by_date":10,"position":1685,"tag_list":1686,"is_startpage":293,"parent_id":1480,"meta_data":10,"group_id":1687,"first_published_at":1688,"release_id":10,"lang":1409,"path":10,"alternates":1689,"default_full_slug":10,"translated_slugs":10},"The Footer","2024-11-28T05:07:04.794Z","2026-02-03T04:52:11.402Z","2026-02-03T04:52:11.416Z",586593479,"b22ebf68-64f7-4d83-bb6e-3810d483c052",{"_uid":1505,"mail":1506,"legal":1509,"links":1510,"socials":1637,"mail_cta":1654,"addresses":1661,"component":1667,"legalLinks":1668,"mail_line1":1681,"mail_line2":1682},"34e6ce7a-0a9f-4e20-a7e9-c7666d9141ce",{"type":306,"content":1507},[1508],{"type":319},"Dayos © 2026 | All rights reserved",[1511,1533,1564,1609],{"to":1512,"_uid":1513,"path":1514,"items":1515,"label":1531,"component":1532},{"id":286,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":286},"32536b62-f5ff-419d-a464-7a8a634340e0","platform",[1516,1521,1526],{"to":1517,"_uid":1520,"size":286,"label":137,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1518,"url":286,"anchor":286,"linktype":1451,"fieldtype":1452,"cached_url":1519},"8de97935-bfbc-42cc-855c-f3652f6ba703","us-en/platform/hero-answers","ae545c67-743e-4424-a183-e30e4780cd91",{"to":1522,"_uid":1525,"size":286,"label":129,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1523,"url":286,"anchor":286,"linktype":1451,"fieldtype":1452,"cached_url":1524},"235d585a-6265-4951-a00e-4d780fc6254e","us-en/platform/hero-actions","06814c62-724f-47ac-9100-ab997950e20a",{"to":1527,"_uid":1530,"size":286,"label":133,"theme":286,"layout":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1528,"url":286,"anchor":286,"linktype":1451,"fieldtype":1452,"cached_url":1529},"d701fde1-e138-44dd-8f00-818654bdaf5d","us-en/platform/hero-experts","53681d6d-d7a5-45f0-b59c-67330b1da43d","Platform","nav-group",{"to":1534,"_uid":1535,"path":1536,"items":1537,"label":1563,"component":1532},{"id":286,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":286},"9eb0aca9-c6a4-4deb-b4cf-d2d728725223","solutions",[1538,1543,1548,1553,1558],{"to":1539,"_uid":1542,"size":286,"label":116,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1540,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1541},"c4e63489-5e89-408b-b8fb-3a627d83b683","us-en/solutions/ai-it-management-software","8f901cac-688b-4e40-97e7-a27d0b8c380b",{"to":1544,"_uid":1547,"size":286,"label":108,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1545,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1546},"50a348d0-d9c3-46a3-969c-ae1b67d8b602","us-en/solutions/ai-accounting-software","9f6a0d20-a028-46cc-ade3-e9b03c8edd02",{"to":1549,"_uid":1552,"size":286,"label":112,"theme":286,"layout":286,"component":1456,"openInNewTab":293},{"id":1550,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1551},"61ea1f43-80e8-4685-a75b-b7bb058c56d0","us-en/solutions/ai-hr-software","ccc16185-765d-4097-921d-a74777411bca",{"to":1554,"_uid":1557,"size":286,"label":124,"theme":286,"layout":286,"component":1456,"openInNewTab":293},{"id":1555,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1556},"a20b54b7-ea58-4a1b-b5ff-e1cece796f1c","us-en/solutions/ai-finance-software","ca3fff7c-fd63-4491-8204-d8a273222721",{"to":1559,"_uid":1562,"size":286,"label":120,"theme":286,"layout":286,"component":1456,"openInNewTab":293},{"id":1560,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1561},"b6289b40-b1da-4124-a6cc-5b086aa7dc9d","us-en/solutions/ai-procurement-software","2c9c5b8e-0422-47c0-8204-3e3d3ae1c25f","Solutions",{"to":1565,"_uid":1568,"path":1569,"items":1570,"label":1608,"component":1532},{"id":1566,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1567},"21e480a1-1e3b-4edd-9985-04d8ade7964a","us-en/resources","0f1e5edd-462f-4bf5-b0b3-256f559dd599","resources",[1571,1577,1584,1590,1596,1602],{"to":1572,"_uid":1575,"size":286,"label":1576,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1573,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1574},"ffe4276c-1c23-40b5-b0e1-e51860b43b17","us-en/use-cases/","92a942c5-229a-43ef-ab92-8a147372676c","Use Cases",{"to":1578,"_uid":1581,"size":1582,"label":1583,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1579,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1580},"c52c2168-6474-45a8-9d67-e90d400c1f86","us-en/case-studies/","20b979a3-cdf0-4dd9-ba49-a775fe56d04e","large","Case Studies",{"to":1585,"_uid":1588,"size":1582,"label":1589,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1586,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1587},"286e0f10-36a3-40d2-afd2-b658598269c0","us-en/blog/","8eed3034-e910-4267-b828-cbee8c7de300","Blog",{"to":1591,"_uid":1594,"size":1582,"label":1595,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1592,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1593},"30355122-f006-4d93-af7c-0fa797f43237","us-en/news/","c4afec48-cb48-4295-9275-aaab73db5bfa","News",{"to":1597,"_uid":1600,"size":1582,"label":1601,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1598,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1599},"49583a38-cd3e-426d-8511-b6a263b33653","us-en/partnership","6621483f-5a13-49f3-a8b0-5801e3a9bb14","Partnership",{"to":1603,"_uid":1606,"size":1582,"label":1607,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1604,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1605},"88207b2c-0433-4471-835d-0d8b72a2cfff","us-en/release-notes-1_0","59eca443-a5be-4009-a177-e328bc4283f4","Release Notes","Resources",{"to":1610,"_uid":1611,"path":1612,"items":1613,"label":1636,"component":1532},{"id":1469,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1470},"05efb3ff-c79d-4682-88b3-f890f8856364","company",[1614,1618,1624,1630],{"to":1615,"_uid":1616,"size":286,"label":1617,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1469,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1470},"104ebe4f-7c7e-4855-a975-6b3d95b960d0","About Us",{"to":1619,"_uid":1622,"size":286,"label":1623,"theme":286,"layout":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1620,"url":286,"anchor":286,"linktype":1451,"fieldtype":1452,"cached_url":1621},"74ad0ac4-7d85-43d9-84e1-43953e7a5114","us-en/careers/","ddcc1888-4f39-416e-a155-370a7d088f55","Careers",{"to":1625,"_uid":1628,"size":1582,"label":1629,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1626,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1627},"85f2712e-89ea-4bba-8654-19ee7d38dc45","us-en/security","9ce92660-0d56-48f3-8789-1b6cf1aa3b35","Security",{"to":1631,"_uid":1633,"size":1582,"label":1634,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":1635},{"id":286,"url":1632,"linktype":1465,"fieldtype":1452,"cached_url":1632},"https://trust.dayos.com/","d56753a3-5ed1-4192-bb4c-3908a8345bd8","Trust Center",true,"Company",[1638,1644,1649],{"to":1639,"_uid":1641,"size":286,"label":1642,"theme":286,"layout":1643,"modalId":286,"component":1456,"openInNewTab":1635},{"id":286,"url":1640,"linktype":1465,"fieldtype":1452,"cached_url":1640},"https://www.youtube.com/channel/UCpKFcAA8ZaklU6ssr8vrQ-g","c00aee74-8f38-454c-845d-67273e6b7ea4","YouTube","link",{"to":1645,"_uid":1647,"label":1648,"theme":286,"layout":1643,"component":1456,"openInNewTab":1635},{"id":286,"url":1646,"linktype":1465,"fieldtype":1452,"cached_url":1646},"https://www.linkedin.com/company/dayos/","458300c6-f022-485e-9632-2a765db2e1fc","LinkedIn",{"to":1650,"_uid":1652,"size":1582,"label":1653,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":1635},{"id":286,"url":1651,"linktype":1465,"fieldtype":1452,"cached_url":1651},"https://x.com/dayosdotcom","cedb89c4-27a7-4c86-bd21-fc72073e066b","Twitter",[1655],{"to":1656,"_uid":1658,"size":1659,"label":1660,"theme":1432,"layout":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":1635},{"id":286,"url":1657,"linktype":1465,"fieldtype":1452,"cached_url":1657},"mailto:hello@dayos.com","3313f9e3-5f87-4b6d-af02-1482336c046a","small","hello@dayos.com",[1662],{"_uid":1663,"desc":1664,"media":1665,"heading":286,"component":1666},"8d5f8fb9-d142-431f-aa8c-3f15d22bdb04","3 Temasek Ave, Level 18\nCentennial Tower\nSingapore 039190",[],"generic-item","content-footer",[1669,1675],{"to":1670,"_uid":1673,"size":1582,"label":1674,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1671,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1672},"641e8934-69ae-4cea-8987-28dcd497726c","us-en/terms-of-service","9f017164-8650-437c-afaa-5fff9aaa4065","Online Terms of Service",{"to":1676,"_uid":1679,"size":1582,"label":1680,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1677,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1678},"efc4f57e-75dc-4992-ab76-23599a570256","us-en/privacy-statement","34e056b5-45d2-4868-a4e0-ffca19bb35b2","Privacy Statement","Have questions or want to chat?","Drop us a line →","the-footer","us-en/global/the-footer",0,[],"6cc48a95-3d2d-444d-9b2b-3a544ce7a4a7","2024-11-28T05:56:04.618Z",[],[],[],{"age":1487,"cache-control":1415,"connection":1416,"content-encoding":1417,"content-type":1418,"date":1488,"etag":1693,"referrer-policy":1421,"sb-be-version":1422,"server":1423,"transfer-encoding":1424,"vary":1425,"via":1694,"x-amz-cf-id":1695,"x-amz-cf-pop":1428,"x-cache":1492,"x-content-type-options":1430,"x-frame-options":1431,"x-permitted-cross-domain-policies":1432,"x-request-id":1696,"x-runtime":1697,"x-xss-protection":1435},"W/\"2ec5833b7b6e77e983b10fd1bed3fab1\"","1.1 3c6bb832c5323be7cf066aba5d1e22ea.cloudfront.net (CloudFront)","Z0b2P65NMlZFbjAk2733Iionp96FXn4QcEgTNLJ4wynaq2LcQijuZA==","85043dbb-f225-43f1-b693-9c39431d2441","0.029981",{"data":1699,"headers":1735,"perPage":1744,"total":422},{"stories":1700,"cv":1411,"rels":1733,"links":1734},[1701],{"name":1702,"created_at":1703,"published_at":1704,"updated_at":1705,"id":1706,"uuid":1376,"content":1707,"slug":1726,"full_slug":1727,"sort_by_date":10,"position":1685,"tag_list":1728,"is_startpage":293,"parent_id":1729,"meta_data":10,"group_id":1730,"first_published_at":1731,"release_id":10,"lang":1409,"path":10,"alternates":1732,"default_full_slug":10,"translated_slugs":10},"Brad","2024-12-13T02:35:37.189Z","2026-03-02T10:53:49.937Z","2026-03-02T10:53:49.949Z",595088333,{"_uid":1708,"avatar":1709,"fullName":1718,"linkedin":1719,"location":1720,"position":1721,"component":1722,"firstName":1723,"detailed_desc":1724,"detailed_position":1725},"9180f6ec-6250-44ec-990b-3fac2a9c4028",[1710],{"_uid":1711,"mobile":1712,"desktop":1714,"component":294},"05c86bc0-568a-425b-a522-13e9895eee02",{"id":10,"alt":10,"name":286,"focus":10,"title":10,"source":10,"filename":286,"copyright":10,"fieldtype":287,"meta_data":1713},{},{"id":1715,"alt":286,"name":286,"focus":286,"title":286,"source":286,"filename":1716,"copyright":286,"fieldtype":287,"meta_data":1717,"is_external_url":293},19696870,"https://a.storyblok.com/f/314917/512x512/c8ca8c88d1/brad.png",{},"Brad McElhannon","https://linkedin.com/in/bradmcelhannon","Singapore, SG","Founder & CEO","content-people","Brad ","20+ years delivering enterprise software solutions for Fortune 100/500 organizations, from ERP/HCM architecture and digital transformation to platform development and back-office automation. Previously Head of Finance Engineering at Robinhood, where he led systems IPO readiness, Finance and HCM transformation, plus global expansion initiatives.","Founder & Managing Director, Dayos","brad","us-en/people/brad",[],595088331,"02b59eda-9a93-4795-b97b-cf7d5b4d4ea7","2024-12-13T10:27:10.382Z",[],[],[],{"age":1736,"cache-control":1415,"connection":1416,"content-encoding":1417,"content-type":1418,"date":1737,"etag":1738,"per-page":1739,"referrer-policy":1421,"sb-be-version":1422,"server":1423,"total":1740,"transfer-encoding":1424,"vary":1425,"via":1426,"x-amz-cf-id":1741,"x-amz-cf-pop":1428,"x-cache":1492,"x-content-type-options":1430,"x-frame-options":1431,"x-permitted-cross-domain-policies":1432,"x-request-id":1742,"x-runtime":1743,"x-xss-protection":1435},"19","Tue, 21 Apr 2026 04:52:16 GMT","W/\"9ed412f40349b556ae42b9f06cc381b2\"","25","1","OCm_jbBJAfVnMJfzmatO97M3dxKSGraeBa5azDfIJ6un-vULYCfgsw==","bde518cb-6e82-45b2-90b8-90bcb7ccac57","0.027983",25,{"data":1746,"headers":1881},{"story":1747,"cv":1411,"rels":1879,"links":1880},{"name":1748,"created_at":1749,"published_at":1441,"updated_at":1750,"id":1751,"uuid":1752,"content":1753,"slug":1873,"full_slug":1874,"sort_by_date":10,"position":1875,"tag_list":1876,"is_startpage":293,"parent_id":1480,"meta_data":10,"group_id":1877,"first_published_at":1688,"release_id":10,"lang":1409,"path":10,"alternates":1878,"default_full_slug":10,"translated_slugs":10},"The Nav","2024-11-28T05:07:20.252Z","2025-10-07T02:27:51.914Z",586593480,"33d640e1-6a68-424b-8161-e29d01c0e6ed",{"_uid":1754,"links":1755,"login":1836,"start":1843,"contact":1849,"component":1872},"a2d83086-94d3-40f0-bd62-58bce92e2999",[1756,1769,1788,1793,1806,1814,1819],{"to":1757,"_uid":1758,"path":1514,"items":1759,"label":1531,"component":1532},{"id":286,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":286},"97fbb430-0320-4932-997e-7452f9c97611",[1760,1763,1766],{"to":1761,"_uid":1762,"size":286,"label":137,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1518,"url":286,"anchor":286,"linktype":1451,"fieldtype":1452,"cached_url":1519},"063812f4-3291-4ea5-a3ef-686c86143ae8",{"to":1764,"_uid":1765,"size":286,"label":129,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1523,"url":286,"anchor":286,"linktype":1451,"fieldtype":1452,"cached_url":1524},"b4dff1f3-9881-459e-9633-cf7f584f972c",{"to":1767,"_uid":1768,"size":286,"label":133,"theme":286,"layout":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1528,"url":286,"anchor":286,"linktype":1451,"fieldtype":1452,"cached_url":1529},"6af16863-69be-40f7-bd11-f126162fdcdf",{"to":1770,"_uid":1771,"path":1536,"items":1772,"label":1563,"component":1532},{"id":286,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":286},"56dfe5eb-1bf3-4b2e-8878-0832e3563fc9",[1773,1776,1779,1782,1785],{"to":1774,"_uid":1775,"size":286,"label":116,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1540,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1541},"86f1b26f-12cc-488c-ac43-e6121da00f9e",{"to":1777,"_uid":1778,"size":286,"label":108,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1545,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1546},"40684d32-737e-4f78-af27-1709cdf28929",{"to":1780,"_uid":1781,"size":286,"label":112,"theme":286,"layout":286,"component":1456,"openInNewTab":293},{"id":1550,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1551},"43e68759-18cc-484c-8904-ccd7c4da0ce2",{"to":1783,"_uid":1784,"size":286,"label":124,"theme":286,"layout":286,"component":1456,"openInNewTab":293},{"id":1555,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1556},"5c3cae33-9f5f-4c7b-84e4-88f02672aa02",{"to":1786,"_uid":1787,"size":286,"label":120,"theme":286,"layout":286,"component":1456,"openInNewTab":293},{"id":1560,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1561},"6a817513-1d3a-4b9b-8f7f-383e8447ab7c",{"to":1789,"_uid":1790,"path":1791,"items":1792,"label":1576,"component":1532},{"id":1573,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1574},"8e5507cd-2e57-4292-a15a-2acca50437d0","use-cases",[],{"to":1794,"_uid":1795,"path":1569,"items":1796,"label":1608,"component":1532},{"id":1566,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1567},"312dcc0e-f6e9-481e-a055-817797cad86a",[1797,1800,1803],{"to":1798,"_uid":1799,"size":1582,"label":1583,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1579,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1580},"37bc0b4d-5c40-42dd-aade-4d3bde4297e7",{"to":1801,"_uid":1802,"size":1582,"label":1589,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1586,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1587},"da116f06-0998-4648-9330-c59569b3e1d4",{"to":1804,"_uid":1805,"size":1582,"label":1595,"theme":286,"modalId":286,"hasArrow":293,"component":1456,"openInNewTab":293},{"id":1592,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1593},"ac8d4428-4a56-4cfc-b867-d41de61a4626",{"to":1807,"_uid":1810,"path":1811,"items":1812,"label":1813,"component":1532},{"id":1808,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1809},"e8b08c31-6c64-4ecd-869c-f273f5234e51","us-en/plans","4d4404b0-b95d-4749-9f3f-791e02fdfddf","plans",[],"Plans",{"to":1815,"_uid":1816,"path":1817,"items":1818,"label":1601,"component":1532},{"id":1598,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1599},"0a7b533b-be14-4b9c-91a0-2112eb3fa9d0","partnership",[],{"to":1820,"_uid":1821,"path":1612,"items":1822,"label":1636,"component":1532},{"id":1469,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1470},"9671ea58-50d9-4332-9913-eae5f492e240",[1823,1828,1833],{"to":1824,"_uid":1826,"size":286,"label":1827,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1469,"url":286,"anchor":1825,"linktype":1451,"fieldtype":1452,"cached_url":1470},"mission","a24d4e0e-dee9-4e43-814e-e902d05e63b5","Why Dayos",{"to":1829,"_uid":1831,"size":286,"label":1832,"theme":286,"layout":286,"component":1456,"openInNewTab":293},{"id":1469,"url":286,"anchor":1830,"linktype":1451,"fieldtype":1452,"cached_url":1470},"partners","7e5e0fcb-1c80-4357-91a4-6d6c18963146","Our Partners",{"to":1834,"_uid":1835,"size":286,"label":1623,"theme":286,"layout":286,"modalId":286,"component":1456,"openInNewTab":293},{"id":1620,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":1621},"92d36655-b06e-47a1-ad7d-9a21c9e94dc5",[1837],{"to":1838,"_uid":1840,"label":1841,"theme":286,"layout":1842,"component":1456,"openInNewTab":1635},{"id":286,"url":1839,"linktype":1465,"fieldtype":1452,"cached_url":1839},"https://login.dayos.ai/","995cebb5-018d-46a8-889e-8accfaa2b485","Login","secondary",[1844],{"to":1845,"_uid":1846,"label":1847,"theme":286,"layout":1848,"modalId":1455,"component":1456,"openInNewTab":293},{"id":286,"url":286,"linktype":1451,"fieldtype":1452,"cached_url":286},"06b4c09e-d91c-42b1-86eb-b69c559df1cb","Schedule a Demo","primary",{"type":306,"content":1850},[1851,1854],{"type":319,"content":1852},[1853],{"text":1681,"type":315},{"type":319,"content":1855},[1856,1858,1863],{"text":1857,"type":315},"Drop us a line ",{"text":1859,"type":315,"marks":1860},"→ ",[1861],{"type":326,"attrs":1862},{"color":286},{"text":1660,"type":315,"marks":1864},[1865,1870],{"type":1643,"attrs":1866},{"href":1867,"uuid":10,"anchor":10,"target":1868,"linktype":1869},"→ hello@dayos.com","_self","email",{"type":326,"attrs":1871},{"color":286},"content-nav","the-nav","us-en/global/the-nav",-10,[],"963e043d-382e-4f0c-b507-6a4e0ea72a55",[],[],[],{"age":1882,"cache-control":1415,"connection":1416,"content-encoding":1417,"content-type":1418,"date":1488,"etag":1883,"referrer-policy":1421,"sb-be-version":1422,"server":1423,"transfer-encoding":1424,"vary":1425,"via":1884,"x-amz-cf-id":1885,"x-amz-cf-pop":1428,"x-cache":1492,"x-content-type-options":1430,"x-frame-options":1431,"x-permitted-cross-domain-policies":1432,"x-request-id":1886,"x-runtime":1887,"x-xss-protection":1435},"41","W/\"299d0064cd31ae6b67ef9bc859b25e36\"","1.1 527c335ffbc06e862648fccafff3f25e.cloudfront.net (CloudFront)","U31lkbezYFiSfOnF_kmTvQoMco2qKq14qPbXhlq6I4ct4B8UNBoFZQ==","d07185b3-f875-4d03-8bc7-a6bda4365482","0.035328",1776747150788]