Using the current beta, I found that I often get reprompted for applications with existing rules. Most notably, my browsers. For example, I had firefox working fine and then in the middle of using it, I click and link and am asked if I want to allow it to use the internet.
Normally I’d be satisfied with the different parent explanation, but as I said, this happend in the middle of browsing. I clicked a link and it randomly asked permissino again.
They may seem the same but probably their security considerations section were pointing to different threats. Let us know when you can capture the screenshots so that we can see why you are receiving them.
It is about remembering the leak requests. For example, APPx has modified the memory of APPy. If you remember this type of popup and allow, then CPF will think this is a legitimate inter process communication and wont ask you about this relationship further. The same is valid for all application behavior analysis options.