cxr parent
If antivirus scanners come up at any point when the topic is things that are "critical" to the developer experience (let alone as the very first thing), that's a really telling baseline—the tip of the iceberg as far as indicators of organizational dysfunction go. You might as well be speaking from a place where every employee starts the day with a nailgun fired through the palm of their hand and then they spend their time gushing over lunch about how Acme Co. has the best woodsaws out of all the woodsaws because theirs are the ones that let you really get in there and cut away most of the plank—so you're just walking around with a medium chunk of wood fixed to the back of your hand, of course, instead of the whole board. Nuts.
Not sure that I follow... From what I have understood, a lot of corporations have these kind of set ups in place to avoid downloading malicious software, limit the possible impact of malware, monitor employees and so on. And it is clear that no development team can change policy for whole organization — so why shouldn't developers choose the kind of tooling which allows them to deliver within the constraints of the organization?
You are taking it as a given that developers are making these choices at organizations where it is normal for them to have to fire a nailgun through the palms of their hands at the beginning of the day. I'm saying that when developers are making these choices they should be doing so at organizations where it is a given that they don't have to do that.