I would like to have CAM bring in more details to create rules on, specifically fields like product version and product name. This way we could whitelist in this example publisher=Microsoft, product name=PowerToys*, version > 0.69.1 and it would be safely scoped to only Microsoft powertoys with version greater than 0.69. Currently with the options we have available the closest I can do is to whitelist all Microsoft products with filename of PowerToys* which a clever user could rename any Microsoft application and install. More granularity in the fields to create rules on would help.
Customer support service by UserEcho