Jason, I was playing around with the trial and I found a small security hole. Since I don't like to be bothered with prompts when applications execute, I have the default for "Execution" set to "Allow", and everything else set to "Ask" Now, lets use internet explorer for this example. C:\Program Files\Internet Explorer\iexplore.exe This file has custom permissions that I set for it in AppDefend. Such as, allow network access, allow global hooks, and some other things. Now, when a trojan or some sort of virus replaces iexplore.exe with a simple renamed version of itself, it now has access to all the permissions I set for the original iexplore.exe. To reproduce this, follow the steps here: 1) Set the default for Execution to allow. 2) Give certain permissions like Network Access to iexplore.exe 3) Replace iexplore.exe with some other application that accesses the internet (like your email client or another browser) and rename it to iexplore.exe. 4) Launch your "new" iexplore.exe and see how AppDefend just lets it access the internet, as if it were the real iexplore.exe. I'm replacing iexplore.exe with an email client in my test, which is kind of harmless. But this also means that it can be replaced by a virus or even modified by a trojan or some malicious coding.