You have to know that when you use various software, Windows gives a number to each software's drivers, which is like a "queue" number called Altitude; so if one software's drivers has a lower number, it will react first.
I'm not saying having a sb is no good. I'm questioning the use practicality aspect of it. IMO a HIPS(heuristics-based) + BB(behavioral-based) is a better and more practical approach than using a sb noting that each technology (sb, HIPS, BB) has its limitations
For me the primary limitation if there is one is the user requirement to see the alert and choose to run restricted. However and as mentioned, Comodo will sandbox unrecognized/unsigned or improperly signed without an alert with an alteration of the settings from those used in the video (I think the Comodo default may actually be to not see the privilege escalation alert...can't recall). @cruelsister simply uses this run restricted option with no alert.
I run some unsigned software, so I use the alerts to allow them, knowing the risk. At any rate, for me, this is where I would like to see Comodo become the name to trust for recognition of sketchy signatures. I mean, the company issues digital signatures themselves, so being known this way would be of value to the company. I want to trust Cloud Lookup but so far I choose to trust the av (avast or Qihoo) to provide more information on the unsigned programs I am without question going to run. It's working so I am happy with the arrangement. Mostly this is because I only run software that I know I can trust. Maybe more CCleaner episodes are out there but I haven't been hit yet.
For me, BB response is like a specialized HIPS response. It can be more sophisticated than HIPS, of course, but this is how I think of BB. Well, in Comodo, what about its heuristic command line monitoring...is this not BB? When I examine the authority in methodologies of protection, heuristic command line monitoring is the one that comes to my mind as the single absolutely indispensable element of security that must be on every system. Comodo does have this going for it, even if Viruscope is still non-functional/non-existent.
Overall, I guess if I would point to an area where Comodo can improve, I would say it might be in settings packages that are easy to understand. Difficult challenge maybe, but I do feel this would add to the program. One other thing would be to make the alerts match the risk a little bit better.