I guess I have figured out why D+ scores low on usability - No global rules. Novice users (such as myself) don’t possess the technical prowess to be able to tune D+ at the granular level. There is no “simple” way to configure D+. That is why a feature to configure D+ at the surface; applying rules globally. It will act as a pseudo-behaviour blocker. This is how it will work -
The “Computer Security Policy” will be divided into two windows - 1) Per-application basis settings and, 2) system wide settings.
Per-application Basis: This would be the advanced mode; the current Defense+ “Computer Security Policy”. Here you can define intricate rules; more granular. The more knowledgeable users will prefer this mode.
System-Wide: The beginner/novice mode. In this mode, instead of applying rules for each application, applications will be applied to the rules; each ruled created will be in effect for the whole system. Settings for only the most essential activities monitored by D+ will be configurable - Protected files / folders, protected registry keys, device driver installations, image executions… An option to specify application exceptions for an enforced rule will be available next to the corresponding activity monitored.
An option to activate or deactivate either of the modes will further the usability. This way the novice user won’t have to contend with setting up the “Per-application Basis” mode.
If both the modes are turned on, the rules in “Per-applications Basis” settings will over-ride the rules in “System-Wide” settings.