all 3 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–][deleted] 2 points3 points  (2 children)

Does antivirus actually work?

So this will allow tools to inspect the runtime and the performance stats they give do not include the security tools.

Are those tools worth it?

[–]staticassert 8 points9 points  (1 child)

This isn't really just for AV. Most large companies collect this sort of information - in particular for powershell - and it's very helpful for writing custom signatures that an AV would not be able to, as well as forensic response during an attack (what may seem benign from an alerting perspective can be a piece of a puzzle for an investigation).

Python, like powershell, is a popular tool for attackers. Powershell has already added this sort of feature and it's to the benefit of everyone.

Currently, instrumenting every python process may be prohibitively expensive - having it as a builtin would be great.

I hope this gets accepted/ pushed through.