What ist the benefit of IPS, Zero-Day Protection, ATP and web filtering without deep packet inspection on TLS sessions

stupid question, I know, but honestly: what is the benefit of the Xstream protection when you decide not to break TLS sessions at all (besides mail filtering)?

Will someone earn any higher protection level with all these features activated without breaking TLS in comparison to a base licence?

I am asking because when I look around (ca. 100 and more customers, even at enterprise level), nobodoy, really nobody does TLS decryption in any case but for testing purposes. There are a lot of reasons against: privacy breach (admins may read passwords of users in clear text) and simply because many things won't work anymore because lots of (web) applications rely just on working https connections. Things get more and more complicated.

So on one hand every manufactor praises zero-trust, xstream, total protection, 360 degree of comfort or whatever term came to your mind, but what does it help in reality when you are able only to inspect unsecured connections? How much do you raise your security level? In percentage maybe: 5, 10, 25 or even 42%?

I can read and read whitepapers and watch demos: It will not get to my mind, what is the purpose of buying all these features, when nobody make use of it?

Some help and clarification would be really appreciated.

Added TAGs
[edited by: emmosophos at 4:54 PM (GMT -7) on 3 Nov 2023]