Is it possible to block a process when it's started with specific commandline parameters? I'm looking at Applocker but it doesn't seem to have the ability.
Contrived example but suppose I don't mind anyone starting notepad.exe but I would like to block or get notified when someone starts with notepad.exe "C:\Users\profile\test.txt"
It is not possible to block Apps with certain commandline parameters, at least with on-board ressources. There may be some 3rd party tools that are able to lock down your machine to the parameter level, but this is nothing you see in business environments.
It makes no sense for Applocker to block this, because the app (usually) could do the same thing by itself.