It would be useful to allow for the containment baseline to be re-enabled for X days for an endpoint only (not all devices in the group) when a user has a new application that is unknown but is known to be ok. Often customers get frustrated with having to wait for days until a human verdict sets the file rating to "Trusted".