Also, while I’m on my soap box - there is a massive elephant the room around EDR cybersecurity vendors having such a high level of access worldwide without any real third party oversight.
They’re all, bar Elastic, encoding signature updates, evading researchers, using NDAs etc. There’s also literal nation state spying going on.
I think that whole area is a tinderbox and it’s had no real scrutiny.. like, at all.