ljrk (@ljrk@todon.eu)

@Di4na Okay, the way you phrased it sounded like you were disagreeing with my understanding of why Rust and LE worked, despite having agreed to the same understanding beforehand.

To your questions at hand and what's changing, I initially wrote:

> There are other spheres of security where we haven't yet achieved that. I'm mostly thinking about infrastructure security here: Most issues are about asset lists, keeping your systems up-to-date and knowing what you're running. Probably the solution will look like something that's using SBOMs, IaC and some automation waves frantically -- but it's not fully fleshed out yet.

This gives a glimpse into what the security world is talking about and changing: automation around dependency issues, reproducibility in infrastructure, etc. But those are baby steps; there's no finished "product" like Rust or LE, but mostly just techniques that some tools already employ but that aren't yet user-friendly in the wide world. Think Ada SPARK instead of Rust.

I'm currently doing a lot of infrastructure work, so forgive me if I'm a bit out-of-the-loop when it comes to appsec (despite that actually being my passion). That being said, there's some work on better sandboxing mechanisms and compiler tooling.

1/x
