Yes, Microsoft Defender Endpoint Application Control (MDE AC) can do all of the above. Here are the answers to your questions:
- Monitoring of process launch attempts: Yes, MDE AC can monitor process launch attempts.
- Can processes be blocked: Yes, processes can be blocked by MDE AC.
- Can processes be defined by fingerprint/hash: Yes, processes can be defined by fingerprint/hash using MDE AC.
- Process exclusion based on argument regex string: Yes, MDE AC can exclude processes based on argument regex string.
- File read/create/delete/write attempt monitoring: Yes, MDE AC can monitor file read/create/delete/write attempts.
- Is DLL Load monitoring possible: Yes, DLL Load monitoring is possible with MDE AC.
- Can processes be monitored whilst allowing further rules to be analyzed (continue processing other rules): Yes, MDE AC can monitor processes while allowing further rules to be analyzed.
- Can log events including severity: Yes, MDE AC can log events including severity.
- Can notify user of policy actions: Yes, MDE AC can notify users of policy actions.
- Can processes be monitored based on wildcard expressions: Yes, MDE AC can monitor processes based on wildcard expressions.
For more information and code samples, please refer to the Microsoft Defender for Endpoint documentation: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.