Then you must be doing something magical, because my experience is different (but then I have way less experience than you, I only did IT-security as a minor in my study). Let's agree that a PC protected by AppLocker and AppGuard and Windows Defender configured on HIGH is hard, probably impossible to be intruded by any malware what so ever.Not in my recent experience on Win10ent.
It is a quote from the official Microsoft documentation I added in my response. A picture tells more than a thousand words (as we say in Dutch), so . . .(picture taken from from the same official Microsoft documentation link: Use Software Restriction Policies and AppLocker policies (Windows 10))I'm not sure what you are referring to, but like I said, AppLocker policies are SRP policies in Windows. Even Microsoft says it in their official documentation.