Is there a way to set CIS to always ask before sandboxing?

Is there a way to set CIS to ask you before sandboxing ANY unrecognized application? It’ so annoying I have to run the app, gets automatically sandboxed, then I have to manually set it as trusted and kill the app, relaunch it and use it.

Where CIS could just simply ask me what to do with the unrecognized app. And then I can either decide to trust it right away or to let it behave like it does now, get sandboxed.
I can’t seem to find any way to do that. I can only exclude certain stuff from getting sandboxed using custom sandbox rules, but I can’t make it ask me what to do with the files.
Something I quite like in Comodo Cloud Antivirus, but the problem there is, the lack of these very same rules and file origin tracking, it’s spawning countless popups on things it shouldn’t be spawning popups.

So, is there even a way to do it in current CIS? It only asks for apps that trigger UAC, but not stuff that run in user mode and it’s quite annoying.

Not yet. I asked for this two years ago. So far it’s fallen on deaf ears.;msg692985#msg692985

I actually brought up this particular wish to Buket a week or 2 ago. She said she was going to create a backlog for it. Lets hope it gets added soon.

I think this is exactly what happens with the latest release of CIS.
Yesterday I noticed that a sandbox popup asked me what i’d like to do (run isolated, allow or block), when before it just run the app in the sandbox and you had to click on “don’t sandbox it again” to avoid sandboxing (like this I had several “ignore” entries on sandbox rules).
Could anyone confirm please?

Maybe the sandbox option “Show privilege elevation alerts for unknown programs” is the tweak.
If enable, you will get a popup asking you about what you’d like to do (run isolated, allow or block).
If disable, you will just get a popup saying “the program was isolated” with the option “don’t sandbox again”.
Is that correct?

This is the reason I can’t use the D+ sandbox (and have to bear clicking through HIPS popups). More than a couple times CIS has auto-sandboxed a script or a component during application installation, and I’ve had to whitelist the folder, uninstall the app and then reinstall it. It’s infuriating. Also programs that do something special on first run may or may not work correctly after the usual whitelist-exit-restart shuffle. I’m surprised this hasn’t been implemented yet, as I’m sure the mechanisms are already there: HIPS asks for confirmation before carrying out the command.

No. The option means that unknown applications that require elevation (admin privileges) generate additional D+ confirmation popups. Unknown applications that don’t require elevation are sandboxed as usual. I find the option useless as Windows is already able to ask for elevation confirmation.