The CFP engine as it is is powerful indeed, but IMHO it has some unexploited potential.
I'll wait whatever time it takes to see that potential fulfilled.
For example, the D+ engine can be used not only as a malware shield but also as a system gatekeeper.
Using a custom ruleset, it could be possible to enforce specific safe behaviours.
For example, even if the Save As dialog of an application permits rewriting any type of file, it is possible to prevent users from overwriting executable applications.
The same goes for the firewall, as users can choose to limit even legit behaviours (e.g. call-home connections).
I came to like CFP more as a behavioural enforcer than a malware shield.
Improving the CFP GUI's ability to edit rules and configurations and improving the ruleset language will make CFP even more powerful without even adding new features to the CFP core engine.
A strict D+ policy could even defeat a 0-day BO exploit if the malicious code attempts something different from the rules enforced for that app.
Improving CFP rule import/export capabilities and the ruleset language could make it possible to share single-application policies and make them cross-compatible with different machines.
Improving Digital Signature support to warn about invalid digital certificates or to optionally add them to trusted vendors will even reduce the need for scanning some files.
CFP engine can do many things already and most of the things I could say are merely tiny details.
I'm looking forward to CFP sandboxing technology, as IMHO it could be a good way to peek into those software black boxes.
It would be great if such sandboxing technology could be used to automatically create an application policy for file/registry accesses the user can later refine.
