If I'm not wrong
When you install both (VS and WAR) they do take "snapshots" of your system. What do you mean by "safe" apps in WAR? How do WAR determines a "safe" app? Through whitelisting?
WAR works using behavior blocking whilst VS uses virus-comparison using VT and its Ai. WAR can work offline since it don't depend on signatures whilst VS is handicapped since it depends on the initial "snapshot" taken for determining "safe" apps and, of course, as an anti-exe.
Not sure which generates more FPs using behavior blocking and virus-comparison/Ai methods
If you install a new app after the initial set up I believe both will prompt you.....I might be wrong here
WAR determines "safe" apps by its BB. If the apps are not detected by BB, they are considered as safe by WAR and will NOT generate any prompt. The apps will run straight away. The advantage is that it can work offline
However, its BB works best for ransomwares but is poor against malwares. Its app control is an extra feature where you can enter and manually block or allow something but it doesn't work like other anti-exe
Therefore, WAR is a BB. I can name you a free alternative: Kaspersky antiransomware: it can work offline and a specialized BB for ransomwares/trojans, not powerful against other malwares
VS = anti-exe + VT + Ai => if you don't have the internet, VS = anti-exe
it can still block all apps like an anti-exe + the message of "no internet connection"
If we run a safe app like google chrome, WAR won't generate any prompt
VS, if we use always on mode, Google chrome will be blocked by default. This is lockdown mode so safe or unsafe apps will be blocked
if we use autopilot mode, GC will be allowed to run without any prompt
If we don't have the internet, VS will block GC because it needs VT and Ai results to allow GC
According to users' reviews, WAR blocked many truely safe apps. The rate of FP is very high
VS also has a problem with FP due to the Ai. They are equal in terms of FP rate, IMO
However, VS has VT which can help you to decide if the app is a FP or not
EDIT: by the way, you mentioned "snapshot"
I think snapshot is to mark all installed apps as safe and generate a list of safe apps in application control. This is true for VS not 100% sure for WAR
if a malware already infected the PC, we install VS or WAR, the malware is automatically allowed => downside of having a snapshot => VS and WAR should be installed on a clean PC