Debunked: Three Myths About Security Automation