Wednesday, February 1, 2017

Security through technology?

Rambling post ahead...just an attempt to keep writing, and perhaps generate some focused topics for later posts.

I've noticed a rapid push for more and more security tools to be installed on everything from a toaster (e.g. IoT devices) to desktops, to VMs and physical servers.

This one monitors your activity (all of it?  Specific actions?); this one verifies that blob of bits is benign (or, really, not known to be malicious); this one prevents you from using parts of the system (USB ports, CD/DVD drive).

Luckily...it leaves about 1/4th of the system available for those actual value-generating activities (hopefully those activities are ok, even if monitored).  Hopefully we all over-purchased resources so we can handle the current - and the future - security tools that will be required on our systems.

It's not unexpected.  It's a lot easier to sell a product that offers (the illusion of) control, than to be constantly vigilant, or work with those around you to improve actual security.

And it's not that these products cannot be valuable in one's goal to maintain the security, integrity, and privacy of your data, environment, and, of course, yourself.  They just tend to become a way to say you've done something to improve security, without actually proving it improved your - or your customers' - security.

Then, there's the issue of parsing all this security data that the tools generate...which requires resources that also need to be secured...


