if you actually read the popup that appears when you enable that option it says its only meant for highly infected machines.

[attachment deleted by admin]

I did read the popup. I did not have any problems previously with it sandboxing programmings on startup. I try to operate in the highest level of security possible. If you could not tell I tweak all my settings. When I first posted I only it appeared to be an issue with specific to the Sandbox portion of Defense+… not a Defense+ hence I did not try to go without an option that has worked fine for me in the past. But thanks for the help anyway… :-\

This did work with earlier versions CIS 3 I think.

No need now if you run in Paranoid mode Defense+ even if you stop cfp and cmdagent from running, any application will not run if there is no rule.