You’re thinking of Intel vPro. I imagine some of the Crowdstrike victims customers have this and a bunch of poor level 1 techs are slowly griding their way through every workstation on their networks. But yeah, OP is deluded and/or very inexperienced if they think this could have been mitigated on workstations through some magical “hygiene”.
Is there a single US-based security vendor that lists US-based APT groups?