Please consider changing CIS so that DLLs are detected when Image Execution Control Level is set to Normal, and Files to Check includes entry *.dll. Currently, DLLs can only be detected when Image Execution Control Level is set to Aggressive, which seems to sometimes result in detection of DLLs that aren’t involved in execution. Additionally, if Files to Check includes entry *.dll, DLLs of any extension should be detected, not just those with extension .DLL.
We’ve seen recent Windows vulnerabilities where this capability would have been useful. Two of these are https://forums.comodo.com/virusmalware-removal-assistance/rootkittmphider-t59193.0.html and Zero-day Windows bug problem worse than first thought, says expert | Computerworld.
Some would probably object to detecting DLLs due to a belief that too many Defense+ alerts would be generated. In fact, this doesn’t have to be the case if one is using CIS as an anti-executable in an account with limited privileges - as described at https://forums.comodo.com/guides-cis/using-comodo-internet-security-as-an-antiexecutable-t60303.0.html.