Note that this topic is primarily aimed at developers since any decisions on it are going to be substantially based on very specific hardware and firmware items at the architecture level, many of which are not disclosed to the community. The community is welcome to weigh in, of course.
Laptops are the go-to professional gear for pentesters-- as opposed to many other professionals who only use laptops in transit, but prefer a desktop when in their studio or office. A versatile machine like the Eve V is well-suited to the task-- for those doing the usual Kali Linux or Arch Linux (etc.) type of setup. Most people would VM Box the whole deal within the OS of their choice anyway.
However, compartmentalization is where security can get serious. This is where Qubes OS comes in. I won’t blab on about Qubes OS since those who care will know or look it up, but they do have the ability for hardware to become certified by Qubes OS. All this means is that a certain given set of (security-related) parameters must be met and then the Eve V could be supported by Qubes OS developers. This could establish the Eve V as an elite secure machine-- placing it in a very sparse class of tech.
The link to hardware certification info and contact is here:
The best part of this idea is that it doesn’t take away from anyone else’s use-cases. With an ultra-secure laptop you can still make music, do graphic design, create spreadsheets, or whatever. However, you have the ability to create a wonderful little privacy cocoon that is either always on or only when you specifically need it. For that matter, if you find a security feature to be in the way of your convenience or workflow, it is always easy to become less secure at your preference.
Just my ₿0.02