Would love for the firewall rules to function more similarly to Little Snitch on Mac, where each connection to a new address or site is asked separately instead of just a generic allow for a program.
As it stands, if an attacker compromises your host and uses a program that you’ve already whitelisted such as say powershell.exe, Glasswire would allow the traffic just fine. However, with more fine tuned filtering, Glasswire should ask if the new connection is allowed or not, which would prevent the attacker from egressing - the best possible outcome.