This is probably a dumb question but I have not been able to find an answer.
I was requested to remove an App which was purchased by a 3rd party and converted to a "dangerous" app. I am able to get the Bundle ID for the App but not the Name (IE: App Name "Keynote" would be Bundle ID "com.apple.Keynote.") When I type the name of the app in nothing related shows up. As long as I have the Bundle ID, can I substitute my own "App Name" and still have the App Restriction work?
No, you can't
Do you still have the installer? If yes, you can use the app Suspicious Package ( https://mothersruin.com/software/SuspiciousPackage/get.html ) to get details of the installer. It will list the scripts, Files and Receipts. There you can look for the .app, script name or Unix executable.
I haven't tried with scripts / Unix executables so I don't know if that will work with rectriction.
If Restriction does not work, you can use Files and Processes in Policies and run ongoing / daily