The "did it save someone from a supply chain attack? Also probably yes" line is great. The problem with security tooling is exactly this — you never see the attack you prevented.
Biggest thing for me was accepting that your job is no longer about writing code — it's about removing blockers for others. Calendar time > coding time was a hard mental shift.