Sophos Cybersecurity as a Service Reviews

Sophos Cybersecurity as a Service product name is MDR, and we started using it from last year only. It has been one year now.

I use its automated threat response, which is a key feature of the service.

Sophos Cybersecurity as a Service is taking care of the complete cybersecurity, helping to mitigate potential threats by monitoring the logs and the events 24/7. Whatever events are coming, they are sharing the report over the email. Wherever they need our intervention, they give us the instructions on how to fix it. Otherwise, they take care of the complete security on their own. The MDR team takes care of all the events and every log.

It is about visibility, and the value of deep visibility into my network activities provided by Sophos Cybersecurity as a Service is significant. The reason we shortlisted the product is the reports. They keep sharing every event, every log over the email so that my team can check what the critical things are and where their intervention is required. Otherwise, Sophos Cybersecurity as a Service MDR team takes care of everything. We need not get into each and every event and check what issues are going on. Most of the events are taken care of by Sophos Cybersecurity as a Service team. Only the things which are on our part, for example, any system that needs to be patched or any OS to be upgraded, come to us. Otherwise, Sophos Cybersecurity as a Service MDR team takes care of everything.

One feature which we would like to have in the product is the inventory. For example, if I have the agent installed on each machine and server, why can't we fetch the inventory details from the console? If you look at the competition products such as CrowdStrike, they give clear visibility into what software is installed, what legitimate tools are installed, and what software is not even licensed or may not be secure to install. Those things are reported back to the concerned team, maybe the systems teams, and they can use it brilliantly. Unfortunately, Sophos Cybersecurity as a Service doesn't provide that kind of visibility into what software or tools are installed on a particular system. There is a feature which requires running what you call an XG script to fetch those kinds of details. However, it is not on the GUI as other competitor companies are providing. That is the one feature we really miss. In terms of service and support, I don't think there is an issue because it is already a brilliant five-star service support.

The visibility feature that I already mentioned is the only primary feature which we are missing. The rest is absolutely fine. I don't think there is anything else which should be there.

We started using it from last year only. It has been one year now.

Technical support by Sophos Cybersecurity as a Service is excellent, and I can grade it as a 10. I don't have one issue with the technical support.

Service support has no problems, and as a product, if you talk about it, there are a couple of features which are missing. I may deduct one and a half points, so I will give them an 8.5.

Positive

The enhanced threat hunting and forensics provided by Sophos Cybersecurity as a Service have significantly helped my organization address cyberattacks. Sophos Cybersecurity as a Service takes care of the XDR logs, and any kind of anomalies or threats which they find, they take care of it. Any policies to be updated, any IP to be blocked, or any source or domain to be blocked, they just intimate to us that these are the things we need to take care of. Most of the things are otherwise taken care of by Sophos Cybersecurity as a Service team on their part.

Most of the things are on-premise, and cloud-based operation for centralized management is not important for my organization since we are not a cloud company. We don't have any payloads on the cloud. We have a small data center where we have multiple servers and everything on-premise only. We are not using any of the cloud security, cloud vertical, or cloud features from Sophos Cybersecurity as a Service. Most of the things are on-premise only.

The metrics I use to measure the effectiveness of Sophos Cybersecurity as a Service threat intelligence capabilities are straightforward. My uptime and business continuity are very important. Since the day we started using Sophos Cybersecurity as a Service MDR, there has not been a single incident. Even before something hits us, they get alerted and they take the required measures.

We are not familiar with SophosLabs Intelix as a threat intelligence platform.

I have given Sophos Cybersecurity as a Service an overall review rating of 8.5.

On-premises

Sophos Cybersecurity as a Service is primarily used for threat detection and response, and managed detection and response (MDR), which allows organizations that do not need to build their own security operations center. I have reduced investigation time, blocked ransomware and phishing attacks earlier, and freed IT teams from constant monitoring.

The best feature of Sophos Cybersecurity as a Service is the MDR and an adaptive AI platform.

Sophos Cybersecurity as a Service's MDR and AI platform have helped us catch threats faster and more accurately. A real example was when the MDR contained a malicious script overnight, preventing a wider breach. The AI also blocked phishing attempts before users saw them. Beyond that, proactive hunting and open ecosystem integration made the service even more valuable.

Sophos Cybersecurity as a Service has had a significant positive impact on our organization because the 24/7 MDR coverage means threats are contained even overnight, and the AI platform gives us visibility we did not have before. It reduced our team's overload, sped up response time, and improved business continuity. Overall, it has made security operations more efficient and reliable.

While Sophos Cybersecurity as a Service has been very effective, I would like to see more customizable reports that are perhaps more intuitive or easier for the different departments.

I have been using Sophos Cybersecurity as a Service for around two years.

Sophos Cybersecurity as a Service is very stable.

Sophos Cybersecurity as a Service is very scalable.

I find Sophos Cybersecurity as a Service's customer support helpful and fast.

Response times have improved dramatically with Sophos Cybersecurity as a Service. Incidents that used to take hours now often get resolved in under an hour. Overnight containment has eliminated downtime from late-night breaches, and ransomware attempts have been stopped before they spread. Overall, it has saved us dozens of staff hours each week and keeps business operations running smoothly.

My advice to others looking into using Sophos Cybersecurity as a Service is to lean on MDR for 24/7 coverage and integrate Sophos Cybersecurity as a Service into your existing workflow instead of replacing tools. Start with sandbox analytics to see its value quickly and balance AI output with human oversight. Plan ahead for reporting and integration needs, and you will get the most out of the service.

Regarding Sophos Cybersecurity as a Service's AI capabilities, I think its governance and security are solid. The explainable reports and privacy safeguards give us confidence in compliance audits. Sandbox analysis reliably uncovers threats, but human analyst validation ensures accuracy. Though reporting customization could be improved, overall, it is a trustworthy balance of AI power and responsible governance.

I have found Sophos Cybersecurity as a Service's AI output to be accurate and reliable. Sandbox reports consistently give us clarity, and automated enrichment makes alerts actionable right away. I would rate this review an 8 out of 10.

Public Cloud

Microsoft Azure

I use Sophos Cybersecurity as a Service for endpoint protection and threat detection across laptops and servers. Sophos Cybersecurity as a Service helps us centralize monitoring and respond faster without needing a big in-house SOC. Many peers highlight its value in reducing complexity while keeping coverage strong.

In my daily work, I use Sophos Cybersecurity as a Service to monitor endpoints and block suspicious activity in real-time. For example, when a phishing email slipped through, the service flagged the malicious attachment before it spread. Peers often mention this proactive detection as a key benefit in routine operations.

Sophos Cybersecurity as a Service has positively impacted us by reducing the time I spend chasing alerts and false positives. Since adopting Sophos Cybersecurity as a Service, I have seen faster incident resolutions and fewer disruptions to daily operations.

The best features Sophos Cybersecurity as a Service offers are the centralized threat monitor and automated response, which reduce manual workload.

The centralized threat monitor and automated response from Sophos Cybersecurity as a Service helped us stop a ransomware attempt quickly. The system isolated the affected endpoint before it could spread, saving us hours of manual work. Peers often mention that this automation reduces stress and lets teams focus on strategic tasks instead of firefighting.

One area for improvement in Sophos Cybersecurity as a Service would be the reporting dashboard, which sometimes feels limited compared to peers. I would like to see more granular analytics and customizable alerts. Reviews also mention the integration with third-party tools could be smoother.

I have been using Sophos Cybersecurity as a Service for around two years.

Sophos Cybersecurity as a Service is very stable.

Sophos Cybersecurity as a Service is very scalable, which is beneficial for us.

The customer support for Sophos Cybersecurity as a Service is great and excellent.

My experience with the setup is great, but the pricing is unclear because I do not understand it completely.

I think about the time saved as a return on investment from Sophos Cybersecurity as a Service.

The AI capabilities in Sophos Cybersecurity as a Service feel well-governed with clear policies on detection and response. It balances automation with transparency, so alerts do not feel confusing or opaque. Peers often note that this governance builds trust and ensures security decisions remain accountable.

The AI output from Sophos Cybersecurity as a Service has been accurate and reliable in our experience, catching real threats while minimizing false positives. For example, it flagged a suspicious script that turned out to be malicious, which peers also note as a common strength. Overall, the consistency of detection builds confidence in day-to-day operation.

I rate the customer support a nine on a scale of one to ten.

My advice is to clearly define your security needs before adopting Sophos Cybersecurity as a Service. It works best when you leverage its centralized monitor and automation response features fully. Peers often suggest starting with the endpoint protection and scaling gradually to avoid overwhelming your team. I rate this review an eight overall.

Public Cloud

Microsoft Azure

My main use case for Sophos Cybersecurity as a Service is endpoint and network protection, ensuring that laptops, servers, and other devices and cloud workloads are monitored with Sophos Cybersecurity as a Service. I centralized threat detections and response, which is similar to a SOC.

A quick example of how I use Sophos Cybersecurity as a Service for endpoint and network protection in my day-to-day work occurred last week when Sophos Cybersecurity as a Service flagged unusual outbound traffic from one endpoint, and the automatic response isolated the device from the network so the suspicious activity did not spread. Peers often mention this kind of real-time containment as a daily benefit of using the service.

The best features that Sophos Cybersecurity as a Service offers include centralized threat monitoring and automatic response, which cut down manual efforts, along with strong endpoint protection and phishing detection that peers consistently highlight.

Centralized monitoring and automatic response have made things much easier for me and my team compared to what we used before. Previously, my team had to manually sift through logs and chase alerts across different tools, which was time-consuming and often delayed our reaction. Now with Sophos Cybersecurity as a Service, it consolidates everything in one dashboard and automatically isolates suspicious endpoints.

Sophos Cybersecurity as a Service has impacted my organization positively by streamlining how we handle threats and reducing downtime. Before, my teams spent a lot of time chasing alerts across different systems. Now, with the centralized monitoring and automatic response, incidents are contained quickly and consistently.

For improvement, I suggest dashboard flexibility, more customizable views, and reporting for different teams, along with alert precision for finer tuning to reduce false positives and noise.

I have been using Sophos Cybersecurity as a Service for around two years.

Sophos Cybersecurity as a Service is very stable.

Scalability of Sophos Cybersecurity as a Service is very good, with no problems because the cybersecurity is in the cloud.

For me, customer support has been very great.

Previously, I used Check Point as a different solution.

I think the return on investment with Sophos Cybersecurity as a Service is primarily about the time saved for my team.

Since using Sophos Cybersecurity as a Service, I have seen measurable improvements such as faster incident response, fewer successful attacks, and significant efficiency gains for IT teams, with independent evaluations showing near-perfect detection rates and response times under two minutes, translating directly into saved hours and reduced risk.

My experience with pricing, setup cost, and licensing has been great, though I do not understand the licensing very well.

Before choosing Sophos Cybersecurity as a Service, I did not evaluate other options.

I would add that Sophos Cybersecurity as a Service has become part of my daily routine by simplifying endpoint checks and network monitoring, with alerts that are clear and actionable so I do not waste time chasing noise.

Regarding Sophos Cybersecurity as a Service's AI capabilities, I find it combines advanced AI with strict governance and layered security controls, ensuring both reliable detection and response and responsible use of automation.

Accuracy and reliability of Sophos Cybersecurity as a Service AI output is generally impressive, with independent evaluations showing high detection rates with threats identified quickly and consistently, which reduces the number of incidents that reach IT teams.

My advice for others looking into using Sophos Cybersecurity as a Service would be to evaluate automation, plan integration, and customize alerts. I rate this product an 8 overall.

Public Cloud

Microsoft Azure

Sophos Cybersecurity as a Service is our main solution to ensure secure operations as we build and connect more clients successfully, while also addressing our specific requirements. We have been using Sophos Cybersecurity as a Service, which provides many functionalities, including a taskbar that shows resource consumption from PCs, leading to good customer feedback. When Sophos resources are low, customers purchase more, recognizing it as a useful product.

We use mobile device management (MDM) services, and customer feedback indicates that it works very well for their custom work apps, benefiting both us and them.

Sophos Cybersecurity as a Service is deployed in our organization for cloud security purposes. Currently, we are not utilizing any specific cloud provider; instead, we are using Sophos endpoint security.

The best feature that Sophos Cybersecurity as a Service offers is Sophos XDR.

Sophos XDR stands out as the best feature for us and our clients because of its ability to investigate issues like a MITRE attack, conduct live discovery, and perform root cause analysis to understand how attackers attempt to access PCs.

Sophos Cybersecurity as a Service has positively impacted our organization by being very beneficial for our business and serving as a valuable income source.

The AI capabilities within Sophos Cybersecurity as a Service are very good, as it effectively detects incidents and tracks how issues occurred, providing a high level of security for banking and other sectors.

Sophos AI proves to be very capable for us in terms of input and output; when it detects any anomaly or file path, we are able to investigate it utilizing Sophos AI, which is very useful for us.

Sophos Cybersecurity as a Service is continuously consuming more resources, which leads to slower PC performance, so reducing resource consumption would be better for both Sophos products and our sales.

Improving the resource consumption aspect would enhance Sophos Cybersecurity as a Service market presence.

If Sophos antivirus could reduce its resource consumption during scheduled scans, it would help address the PC slowness issue.

We have been using Sophos Cybersecurity as a Service for at least 10 years since our company was established in 2016, and we are still using it currently.

Sophos Cybersecurity as a Service is stable.

The scalability of Sophos Cybersecurity as a Service is really great.

Our customer support is excellent, with 24/7 availability, handling at least 15 calls per week to solve client issues.

We did not use a different solution before opting for Sophos Cybersecurity as a Service; we have always focused on Sophos along with options like Palo Alto, Cortex XDR, and CrowdStrike.

We experience a return on investment from using Sophos Cybersecurity as a Service; for example, when we pre-configure it during installations for devices, it proves to be working well and saves time. I cannot provide specific monetary metrics since this is handled by our product team.

We did not evaluate any other options before choosing Sophos Cybersecurity as a Service; our team has consistently used Sophos Cybersecurity engineering and has not switched to other services such as XDR or CrowdStrike.

When advising others about using Sophos Cybersecurity as a Service, I emphasize that the main reason to choose Sophos Cybersecurity as a Service is its effective incident management; unlike other providers such as CrowdStrike, which have faced issues with server hacks and resource consumption, Sophos Cybersecurity as a Service has maintained a good reputation and is our best solution. I would rate this product a 9 overall.

On-premises

Other

Sophos Cybersecurity as a Service protects our cloud workloads and endpoints from ransomware and phishing. The managed service constantly monitors for threats so we don't need a large in-house security team. It is especially useful during off-hours, since alerts and response are handled automatically, keeping our environment secure without gaps.

The best feature about Sophos Cybersecurity as a Service is threat response automation because suspicious activities are contained quickly without waiting for manual intervention, which reduces damage.

Threat response automation in Sophos Cybersecurity as a Service fits into our daily operation by cutting down reaction time. When suspicious activity is detected, the system automatically isolates affected endpoints, blocks malicious traffic, and alerts the managed team. For us, that means incidents are contained before they escalate, and we don't lose hours manually chasing threats.

It has impacted our organization very positively. The biggest improvement has been efficiency. The managed team handles alerts and incidents so our IT staff can focus on projects instead of constant monitoring. We have also seen cost savings by not needing to expand our in-house security team. Most importantly, resilience has improved. Ransomware attempts were contained quickly, giving us confidence that threats will not disrupt operations.

I have very concrete outcomes with Sophos Cybersecurity as a Service. For example, automated threat response saved our team an estimated ten to fifteen hours per month that they used to spend chasing alerts manually. By relying on the managed service instead of expanding our in-house staff, we avoided hiring at least one additional security analyst, resulting in cost savings. During the phishing incidents, containment was complete in under an hour, compared to the full day it used to take us before Sophos Cybersecurity as a Service.

There are a few areas where Sophos Cybersecurity as a Service could be improved. One area is dashboard usability, another is alert tuning, and another is reporting customization.

Alert tuning would help us focus on critical issues faster, reducing wasted time on minor notifications. More flexible report customizations would let us align outputs directly with compliance frameworks, making audits smoother.

I rate my use of Sophos Cybersecurity as a Service as a nine.

I used Check Point Security Infinity Portal in the past. However, that solution is very high cost, and I needed to switch to Sophos Cybersecurity as a Service because it is better for me.

We had a phishing attack attempt where several employees clicked a suspicious link. Sophos Cybersecurity as a Service immediately flagged the activity, isolated the affected endpoints, and blocked further spread. The managed team notified us quickly, and within the same day, everything was contained and cleaned, saving us from what could have been a major breach.

Sophos Cybersecurity as a Service really helps with day-to-day peace of mind. During patch cycles when vulnerabilities are at their highest, the managed service keeps monitoring and blocking exploit attempts automatically.

One small feature I would add is the centralized dashboard. Having all alerts, reports, and threat actions in one place makes daily monitoring much easier. I also appreciated the scalability. For example, new users or workloads inherit policies instantly.

Sophos Cybersecurity as a Service uses AI with strong governance and security controls, combining deep learning models with human oversight to ensure threats are detected, contained, and reported in a transparent, auditable way. This balance of automation and accountability makes its AI outputs trustworthy for compliance-driven organizations.

It delivers highly accurate and reliable AI outputs by combining deep learning models with human review, minimizing false positives while ensuring rapid detection of real threats. Overall, I find Sophos Cybersecurity as a Service to be very great and very fast. I rate the overall product experience as a nine.