> Every sane approach to security relies on keeping the bad guys out, not mitigating the damage they can do once they're in.

That’s not true at all in the field of cybersecurity in general, and I have doubts that it’s true in the subset of the field that has to do with anticheat.