[killerstorm]

Point #1 might seem unrealistic, but it's exactly how IT security of most companies operate now: "We are concerned about malware so we give full control of our systems to CrowdStrike". That is, having a single point of failure is shocking common.

[michaelcampbell]

I've worked with companies whose infosec dept. is little more than "see tool alert, ask user what's going on", and then keep searching for the right _tool_ than injecting any human agency in that loop.

If any role is ready for an LLM to take over (or even a shell script), it's that one.