Alright Chiron, here's what's going on in my head right now.
Defense+ as it is, is horribly compartmentalized.
Tackling the issue you brought up, whether an application is Unrecognized, Trusted, or Blocked, should show up in the Predefined Policy drop down. But this isn't superficial. Defense+ would come with the three Predefined Policies in the Predefined Policies list - by default and immutable. And when a program gets added to the Unrecognized Files list, it would also automatically populate the Defense+ Rules list.
But what about unrecognized files and their relationship with the sandbox?
Well, I'm planning on adding a sandbox tab in the ASAC window with the options you'd currently find in the Add a Program to the Sandbox window.
And finally, I'm looking to redesign the "Basic Switches" tab into a Summary tab, so that you'd be able to know, at a glance, what is happening in the other tabs, abstractly. I still intend to keep the current functionality though, somehow.
Larger picture, there should probably be a column in the Defense+ Rules Tab table that says what the sandbox policy is.
And even larger picture, I'm looking for a place to put a button or command that lets you quickly toggle between the Network Access window and the System Access window for one application.