"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"The most valuable feature is signature-based malware detection."
"The ability to detonate a particular problem in a sandbox environment and understand what the effects are, is helpful. We're trying, for example, to determine, when people send information in, if an attachment is legitimate or not. You just have to open it. If you can do that in a secure sandbox environment, that's an invaluable feature. What you would do otherwise would be very risky and tedious."
"One of the best features of AMP is its cloud feature. It doesn't matter where the device is in regards to whether it's inside or outside of your network environment, especially right now when everybody's remote and taken their laptops home. You don't have to be VPNed into the environment for AMP to work. AMP will work anywhere in the world, as long as it has an Internet connection. You get protection and reporting with it. No matter where the device is, AMP has still got coverage on it and is protecting it. You still have the ability to manage and remediate things. The cloud feature is the magic bullet. This is what makes the solution a valuable tool as far as I'm concerned."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"I have found Bitdefender GravityZone Ultra to be highly scalable."
"The advanced direct control on offer is excellent."
"The Ultra is a valuable feature."
"The most valuable features are the solution's thorough detection and ease of use."
"The nice thing about Bitdefender is that it has modules and layers that you can add as the requirement becomes more sophisticated and dangerous or threatening."
"The most valuable features are the anti-malware and firewall policies. The runtime scans and execution have been beneficial to our business."
"The setup was easy."
"I like GravityZone's short implementation time. It takes only a day, at most."
"The base product and the anti-malware feature are most valuable."
"The most valuable feature is the CryptoGuard in Sophos. In a case of a ransomware attack, this feature comes into action to protect us."
"It is not just a simple virus scanning product. It handles more advanced needs."
"It is stable and has a good price. I find it very good."
"The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform."
"The solution is easy to install."
"The deployment is quick. It just depends on the environment and what you may be replacing."
"I find the security heartbeat feature with synchronized security very useful. It's a very nice feature that allows you to basically switch off an endpoint. When an endpoint has got a virus or something like that, or it's infected or compromised, you can isolate it from the network, but only if you've got an XG Firewall as well. It also provides ease of use. It is the only antivirus that can recognize 25 out of the 36 ransomware and virus techniques that have been often used in terms of the behavior base using heuristics. It's beautiful, utterly amazing. No other antivirus can do that."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"I would like to see integration with Cisco Analytics."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"It could be improved in connection with artificial intelligence and IoT."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"We have had some problems with updates not playing nice with our environment. This is important, because if there is a new version, we need to test it thoroughly before it goes into production. We cannot just say, "There's a new version. It's not going to give us any problems." With the complexity of the solution using multiple engines for multiple tasks, it can sometimes cause performance issues on our endpoints. Therefore, we need to test it before we deploy. That takes one to three days before we can be certain that the new version plays nice with our environment."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"There is a need to work on the deployment, when it comes to deploying to Windows machines with regards to downloading the size of the package."
"The software itself is solid. It would be better if it was more of a real-time solution, like SentinelOne. The one thing that holds me back on the SentinelOne side is that I can blacklist websites and stuff like that, but it's not as granular as Bitdefender. With Bitdefender, I feel like I have more control over what I can whitelist and blacklist."
"The graphical user interface for EDR could be improved."
"The only problem we have, and I don't know if maybe it's the package we bought, is that it lacks the parts of data protection and application blacklisting."
"I would like to see the capability for remote installation added, in particular for servers."
"The one thing I'd say about their complete MDR product is that it's too expensive, which is why I prefer to use an alternative SOC and integrate Bitdefender to a different SOC on their own."
"Occasionally websites are unnecessarily blocked due to monitoring software on those sites."
"They need to improve their encryption capabilities."
"Sophos Intercept X doesn't have its own firewall that utilizes the Windows Firewall or intrusion prevention."
"From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial."
"Should include additional integration."
"The majority of our systems are MacBooks and their solution release cycle is slow to endorsing or support the MacBook's latest OS or hardware platform. For example, when Sophos macOS Big Sur version 11 was released, it took them a while to support this version of OS. A similar situation occurred when the MacBook M1 hardware CPU was released. They have not fully supported the native M1 CPU to this day. They need to speed up the solutions release cycle."
"I would like to have a built-in firewall, rather than having to integrate one."
"The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""
"It would be better if it can automatically generate a report for each and every user so that the users get to know the things that shouldn't be accessed from their PCs. It can have information about malicious and non-malicious sites so users are aware of them, and they don't access malicious websites. Such reports can be generated at the end of the day. We should also be able to get through to their support team quickly. Currently, it takes more than half an hour to get through to a technical person."
"It consumes a lot of resources, and something needs to be done for that."
More Bitdefender GravityZone Ultra Pricing and Cost Advice →
Bitdefender GravityZone Ultra is ranked 9th in Endpoint Detection and Response (EDR) with 20 reviews while Sophos Intercept X is ranked 5th in Endpoint Detection and Response (EDR) with 63 reviews. Bitdefender GravityZone Ultra is rated 8.6, while Sophos Intercept X is rated 8.6. The top reviewer of Bitdefender GravityZone Ultra writes "Great security with excellent standard policies and extremely stable". On the other hand, the top reviewer of Sophos Intercept X writes "Great reporting and good training with a pretty straightforward setup". Bitdefender GravityZone Ultra is most compared with SentinelOne, Microsoft Defender for Endpoint, CrowdStrike Falcon, Carbon Black CB Defense and Check Point Harmony Endpoint, whereas Sophos Intercept X is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne, Cortex XDR by Palo Alto Networks and Trend Micro Apex One. See our Bitdefender GravityZone Ultra vs. Sophos Intercept X report.
See our list of best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
