At this point I don’t want anything to have kernel-level access other than the OS and some necessary hardware drivers. I’m not super familiar with macOS, but do you know if Gatekeeper or XProtect run at ring 0? If they do run at ring 0, would you consider that anticompetitive? I’m almost certain Apple will move or did move to deprecate kernel extensions. Which means it would be the same situation Microsoft wanted to force as you described.
The other argument with Defender is you could at least have a choice to use it or not.
TrueNAS is switching apps from Kubernetes to Docker. Might wait till October if wanting to spin up something new. I’ve got to figure out how to migrate my TrueCharts apps or find the equivalent when the time comes to upgrade.