We performed a comparison between Carbon Black CB Defense and Sophos Intercept X based on real PeerSpot user reviews.
Find out in this report how the two EPP (Endpoint Protection for Business) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"appreciate the File Trajectory feature, as it's excellent for an analyst or mobile analyst. I can track everything that happens on our server from my PC or device. Integration with SecureX is a welcome feature because it connects Cisco's integrated security portfolio with our complete infrastructure. Sandboxing is helpful, and integration with the Cisco environment is excellent as we use many of their products, and that's very valuable for us."
"Once the solution is installed and configured correctly it does not require a lot of hands-on attention until you need upgrading."
"One of the most valuable features is that it will block vulnerable sites. If there was a connection between one of our devices to a known malware site, it will block it."
"We have another piece of that infrastructure that does what they call threat emulation. It's like sandboxing where it takes files that it doesn't know about, puts them in a VM-type environment, and it kicks them off to see if there's any malware or tendencies that might look like malware, that kind of thing."
"The solution is very useful and easy to handle. You don't need much intervention with this product."
"Technical support is excellent."
"It has intelligent learning behind it and we have been very successful in preventing attacks."
"The best feature of this solution is that we have a live response, which is really tailored to our needs."
"I like the historical features, interface, and integration."
"It is easy to interact with, and its cost is also good."
"There are additional security features in Sophos Intercept X as well as proxy rules and settings that help us in minimizing the sites that our agents can go to, even after their work hours."
"The solution is scalable."
"This solution can be used with any device, mobiles, desktops, or any appliances."
"This solution offers very good performance and it has great features."
"The base product and the anti-malware feature are most valuable."
"The stability on offer is fine."
"Offers artificial intelligence, security metrics and a lot of information gathered to make decisions."
"We had a lot of noise at the beginning, and we had to turn it down based on exclusions, application whitelisting, and excluding unknown benign applications. Cisco should understand the need for continuous updates on the custom Cisco exclusions and the custom applications that come out-of-the-box with the AMP for Endpoints."
"This product has issues with the number of false positives that it reports."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"I would like to see integration with Cisco Analytics."
"It could be improved in connection with artificial intelligence and IoT."
"An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"The solution needs expanded endpoint query tools."
"In the next release, it would help if we can get better control over containers."
"There are many different controls that are needed to be put into place for upgrading that makes it difficult. Having to re-engineer your IT infrastructure to match their software, as opposed to having it integrate and work independently causes difficulties. When there is an update to any software everyone has to be involved."
"They will most likely need to create or include a feature that checks the network."
"What was rolled out to my company are mixed versions of Carbon Black CB Defense, so what I'd like to see in the next release is more synchronization, where it can detect the endpoint that's running an old version and suggest updates."
"The application control can be improved. It should also have an automatic update of the agents."
"With the on-prem one, the bug has been reported by the community in early January or February, something like that, at the beginning of the year, and it's still not addressed. They have released two versions since then, and yet neither of them addresses this specific issue."
"Based on all the security roles and the release privilege, it could take time for an application to be whitelisted and approved for use."
"We would like to deploy across a variety of machines simultaneously through the network."
"I would like the solution to have more functions and to be more user-friendly."
"Through Sophos Central I would like to see the ability to zero in and produce a report about the challenges being faced by a particular machine and user, to know if a virus is appearing only on that specific machine or also on others."
"We would like more application control in order to be able to schedule times and access."
"The detection and the AI capabilities should be improved upon."
"The deployment part needs to be improved."
"It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first."
"If we can lower the price, it will be fantastic because it will generate more revenue for us."
Carbon Black CB Defense is ranked 10th in EPP (Endpoint Protection for Business) with 29 reviews while Sophos Intercept X is ranked 6th in EPP (Endpoint Protection for Business) with 56 reviews. Carbon Black CB Defense is rated 7.8, while Sophos Intercept X is rated 8.6. The top reviewer of Carbon Black CB Defense writes "The manage, detect, and response feature enables Carbon Black to continuously check logs and advise us on how to improve some of the policies". On the other hand, the top reviewer of Sophos Intercept X writes "Great reporting and good training with a pretty straightforward setup". Carbon Black CB Defense is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne, Carbon Black CB Response and Bitdefender GravityZone Ultra, whereas Sophos Intercept X is most compared with Microsoft Defender for Endpoint, SentinelOne, CrowdStrike Falcon, Kaspersky Endpoint Security for Business and Seqrite Endpoint Security. See our Carbon Black CB Defense vs. Sophos Intercept X report.
See our list of best EPP (Endpoint Protection for Business) vendors and best EDR (Endpoint Detection and Response) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
