Intercept X - Detect Malware Downloaders (Macros, PDFs, etc.)
Intercept X is great for detecting new executable malware, however it does not seem great at detecting malware downloaders, e.g. Office macro or PDF downloaders.
Can Intercept X be enhanced so it looks for Office documents that spawn PowerShell/cmd/BITSAdmin or any other application that can be used to download executable content? This will provide an additional layer of defence in depth that an adversary has to bypass in order to infect a system.
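
The parent/child check requested above, sketched as an added example (not part of the original post and not Intercept X code); it goes slightly further than the post by also catching tools launched indirectly, e.g. Word starting cmd which then starts BITSAdmin. Assumptions: the event field names are modelled on Sysmon process-creation (Event ID 1) records, and the application lists, the `ev` helper and the sample events are constructed for illustration.

```python
import ntpath

# Assumed lists: extend both for the applications in your own estate.
DOCUMENT_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "acrord32.exe"}
DOWNLOAD_CAPABLE = {"powershell.exe", "cmd.exe", "bitsadmin.exe"}

def exe_name(path):
    """Lower-cased file name of a Windows path (works on any OS)."""
    return ntpath.basename(path.strip().strip('"')).lower()

def document_ancestor(event, by_guid, max_depth=4):
    """Walk up the process tree; return the first document-app ancestor, else None."""
    name, guid = exe_name(event.get("ParentImage", "")), event.get("ParentProcessGuid")
    for _ in range(max_depth):  # bounded, so a loop in malformed data cannot hang us
        if name in DOCUMENT_APPS:
            return name
        parent = by_guid.get(guid)
        if parent is None:
            return None
        name, guid = exe_name(parent.get("ParentImage", "")), parent.get("ParentProcessGuid")
    return None

def detect(events):
    """Return (host, document app, spawned tool) for every suspicious process creation."""
    by_guid = {e["ProcessGuid"]: e for e in events if "ProcessGuid" in e}
    hits = []
    for e in events:
        child = exe_name(e.get("Image", ""))
        origin = document_ancestor(e, by_guid) if child in DOWNLOAD_CAPABLE else None
        if origin:
            hits.append((e.get("Computer", "?"), origin, child))
    return hits

def ev(host, guid, parent_guid, parent_image, image):
    """Hypothetical helper that builds one constructed process-creation event."""
    return {"Computer": host, "ProcessGuid": guid, "ParentProcessGuid": parent_guid,
            "ParentImage": parent_image, "Image": image}

# Constructed sample events (not real telemetry); GUIDs are placeholders.
OFFICE = r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"
SYS32 = "C:\\Windows\\System32\\"
SAMPLE_EVENTS = [
    ev("WS01", "g2", "g1", OFFICE, SYS32 + "cmd.exe"),                   # direct child
    ev("WS01", "g3", "g2", SYS32 + "cmd.exe", SYS32 + "bitsadmin.exe"),  # grandchild
    ev("WS01", "g4", "g1", OFFICE, "C:\\Windows\\splwow64.exe"),         # benign helper
    ev("WS02", "g6", "g5", "C:\\Windows\\explorer.exe",
       SYS32 + "WindowsPowerShell\\v1.0\\powershell.exe"),               # user-launched
]

if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS):
        print("ALERT host=%s origin=%s spawned=%s" % hit)
```

Matching on file names alone misses renamed binaries, so a production rule would also compare the original file name or hash recorded in the event.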