QUIC is the standard problem across n number of clients who choose Zscaler and similar content inspection tools. You can block it at the policy level but you also need to have it disabled at the browser level. Which sometimes magically turns on again and leads to a flurry of tickets for 'slow internet', 'Google search not working' etcetera.
Why wasn't there a PAM solution in place that logged all the mainframe user level activities and commands? Maybe cyberark or such? Would have help to trace the issues and even control such commands from being run by a novice.
1 is already a solved problem. My employer had originally put a ML based system to find DQ issues (already working) and is looking at pocs to add LLMs in the model mix. Hearsay is that our lakehouse vendor will have their own solution to this question via a acquisition.
2 is interesting, possible to do via LLM but I worry about data privacy and hallucinations making data more believable but not real.
There is a category of sms that won't show up in your inbox. Think of them as messages for your baseband/ system. But they will result in delivery messages. They used to be quite well used in the Nokia era.