My main use case is as I described, managing a team of Developers, and processing code through development stages and testing.
Each stage or test is done in its own isolated VM.
I developed this flow long before I became aware of Continuous Integration projects like Jenkins CI.
It’s all portable of course (one of the benefits of virtualization), can be run on anyone’s machine, on a server or locally on a machine.
A case can be made that the concepts can or should be applied on common personal workstations…
Apps like torrenting comes to mind for its security issues.
The benefit of better isolation of processes is that any kind of compromise for any reason (badly written code?) restricts the compromise only to that one app.
In fact, 'way back when systemd first appeared I opined at the time that it could provide the basis for a future “very secure” architecture by isolating every application, service and process within its own container. To a certain degree, this already is being done in x64 architecture (every running application is supposed to think it is the only one using resources and can access practically every address in the memory map because apps run in their own virtual environments, not to be confused with virtualization).
TSU