Look up post-exploit mitigations, such as ASLR and pointer authentication. These are mechanisms that only become relevant when software has already been breached. In most cases, they cannot entirely prevent further progress by the attacker, just make it significantly harder.

Similar principle (only on the other end).