I’ve been combing over the HIPS options and there is this:
Enable enhanced protection mode - On 64 bit systems, enabling this mode will activate additional host intrusion prevention techniques to countermeasure extremely sophisticated malware that tries to bypass regular countermeasures. Because of limitations in Windows 7/8 x64 systems, some HIPS functions in previous versions of CIS could theoretically be bypassed by malware. Enhanced Protection Mode implements several patent-pending ways to improve HIPS. CIS requires a system restart for enabling enhanced protection mode (Default = Disabled).
So why isn’t this enabled by default? Is it still considered experimental, or does it cost too many resources, with additional processes running, to be deemed worth using by the vast majority of users? Are there any cons to having this checked? The description makes it sound obvious that if you use 64-bit you enable this, but again, this is not on by default.