>Companies will burden issued PCs with bloated anti-virus,
Ugh, bane of my day job. I work with two companies in particular that have high security requirements in their environments and very similar total workloads with our software. One spends around $250k (ish) a year in self hosting costs, the other over a million to get the same throughput. The less costly one worked with us as a vendor to get anti-virus/endpoint exclusions on the file io intensive part of our application and put anti-virus scanning before that point, then harden those machines in other ways. The other customer is "policy demands we scan everything everywhere and the policy is iron law".
Worst is, nowadays such bloated "security" software is being forced onto Linux servers too... every time I check why something feels slow, Microsoft Defender is hogging resources.
Ugh, bane of my day job. I work with two companies in particular that have high security requirements in their environments and very similar total workloads with our software. One spends around $250k (ish) a year in self hosting costs, the other over a million to get the same throughput. The less costly one worked with us as a vendor to get anti-virus/endpoint exclusions on the file io intensive part of our application and put anti-virus scanning before that point, then harden those machines in other ways. The other customer is "policy demands we scan everything everywhere and the policy is iron law".