I think it would be useful for CIS if they were to create a process guard. I mean by like, creating a whitelist of known-good processes and a blacklist for known-bad and for unknowns, it will automatically allow whitelisted processes, it will automatically block all requests from a blacklisted process to run, and it will ask the user for any unknown.
Do you mean like a scaled down version of Defense+?
Kinda, though Comodo already has enough prevention… so nevermind I guess