1. What actually happened or you saw:
Currently as a lay user, I configure cis to block “threats” with certificate or not, I will end up harming system updates or even cis itself configures the suite based on bad experiences when testing malware samples
2. What you wanted to happen or see:
There is a way to configure cis, selecting which certificates I want to trust;
This additional configuration would address some of the incompatibility with system updates and most secure applications that are constantly updated
3. Why you think it is desirable:
As stated above, secure, digitally signed applications use folders used by most existing malware, with the option of selecting which trust certificate would solve part of the incompatibility issue with secure applications
4. Any other information:
See attach