Maybe the world can finally reconsider their use of software products that cater to security theater. And the politics in companies which lead to things like this being introduced ("nobody gets fired for buying IBM").
"Endpoint protection" is just the new, hip term for antivirus/intrusion prevention/incident logging of the past. Why not provide immutable Linux based machines (like Chromebooks, Fedora Silverblue) which are locked down outside of the browser? I am aware that this isn't possible in some areas of the industry that rely on large amounts of Windows-only desktop software, but in many cases it may be worth a thought.
If I am being naive here, happy to hear other opinions. But I hate opening my company Windows laptop and having the fans turn to 11 just because some "security" software is parsing random files for malicious signatures or running an update that BSOD loops.
Edit: took out a bit of snark.