Much of our computer security defenses are already completely automated. Our operating systems are more securely configured out of the box, from firmware startup to the operating system running apps in secure hardware-enforced virtual boundaries, than ever before. If left alone in their default state, our operating systems will auto-update themselves to minimize any known vulnerabilities that have been addressed by the OS vendor.
Most operating systems come with rudimentary blacklists of “bad apps” and “bad digital certificates” that they will not run and always-on firewalls with a nice set of “deny-by-default” rules. Each OS either contains a built-in, self-updating, antimalware program or the users or administrators install one as one of the first administrative tasks they perform. When a new malware program is released, most antimalware programs get a signature update within 24 hours.