I maintain a single global application baseline policy that detects 200+ RMM tools.

Some customers are explicitly approved to use specific tools (e.g., Alpha‑Company is approved for Zoho Assist). Today, there is no way to exclude a single application for a specific customer while keeping the rest of the baseline intact.

Current behavior:

* Tags apply at the policy level, not per application

* Excluding Zoho Assist via a tag suppresses alerts for all tools in the policy

* The only workaround is splitting the baseline into individual policies, which creates unnecessary policy sprawl

Requested capability:

* Allow per‑customer / per‑application exclusions within a consolidated policy, so approved tools can be exempted without breaking apart the entire baseline.

* This would significantly reduce policy overhead while preserving strong baseline detection.