We performed a comparison between Cortex XDR by Palo Alto Networks and Sophos Intercept X based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Overall, users of Cortex XDR by Palo Alto Networks give the product higher ratings because its deployment is easier, it has a great set of features, it is affordable, and the technical support is helpful.
"The most valuable feature at this moment is that Cisco AMP or Cisco Secure Endpoint solution is delivering a lot of things, and I always say to a lot of customers that if we didn't have Cisco AMP, we probably would have had ransomware somewhere. So, it's protecting us very well from a lot of hackers, malware, and especially ransomware."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"The integration with other Cisco products seemed to be really effective. We had Umbrella in place and we were using AnyConnect as well as Firepower. Once a threat was detected, being able to do the threat lookups and the live tracking was really useful."
"Cisco has definitely improved our organization a lot. In terms of business, our company feels safer. We actually switched from legacy signature-based solutions to threat intelligence-based and machine learning-based solutions, which is Cisco Secure. This has improved our security significantly, from 10% of signature-based technology security to 99.9% of the current one which we are running. We were happy."
"Device Trajectory is one of the most valuable features. We're able to dig in and really understand how things came to be and where to focus our efforts."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"The best feature that we found most valuable, is actually the security product for the endpoint, formerly known as AMP. It has behavioral analytics, so you can be more proactive toward zero-day threats. I found that quite good."
"This software helps us understand any issues that may arise when someone is not at work."
"The solution allows control over the user and his machine through Cortex XDR security policies."
"The most valuable for us is the correlation feature."
"The solution allows us to make investigations. Other XDR solutions also provide similar capabilities but for investigation, Cortex XDR is better."
"Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus."
"The most valuable feature of Cortex XDR by Palo Alto Networks is the low consumption of system resources. The solution uses a lot of AI and machine learning."
"The user interface of the solution is sophisticated and straightforward."
"It is easy to use."
"It is very easy to set up and easy to use. It is also not resource-intensive."
"Ransomware protection is the most valuable feature of this solution."
"The most valuable features of Sophos Intercept X are the minimal configuration needed for the end user and the central view of all the endpoints. There are plenty of tools to control and manage the endpoints. Additionally, there is the capability of connecting the endpoint to the CLI."
"Intercept X's smart prevention it's very good as so are its machine learning capabilities for troubleshooting channels and files."
"Sophos Intercept X is a complete endpoint solution."
"Offers artificial intelligence, security metrics and a lot of information gathered to make decisions."
"One reason why I have stuck with Sophos is because it grabs it and deals with it, and if it's known malware, it can quarantine it or delete it."
"The most valuable feature of Sophos Intercept X is a web filtering and URL sanity checks. Overall the solution is well balanced with all its features."
"In terms of the user experience, if the UX design could be much simpler [that would improve things]... if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something."
"The integration of the Cisco products for security could be better in the sense that not everything is integrated, and they aren't working together. In addition, not all products are multi-tenant, so you can't separate different customer environments from each other, which makes it a little bit hard for a managed service provider to deliver services to the customers."
"An easier way to do deduplication of machines, or be alerted to the fact that there's more than one instance of a machine, would be useful... That way you could get a more accurate device count, so you're not having an inflated number."
"Cisco is good in terms of threat intelligence plus machine learning-based solutions, but we feel Cisco is lagging behind in using artificial intelligence in its systems."
"On the firewall level, they were lagging a little bit behind, but they are running up again. I have full trust in the new 3000 series of firewalls where we would also be able to look more into the traffic that we're monitoring and get more security layers in our services. That would definitely be a big step."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"Its price is okay for us, but it can always be better. There's always room for improvement when it comes to pricing."
"The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."
"They've been having some issues with updating their endpoint agents, and it has been quite frustrating."
"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."
"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"There are some third-party solutions that are difficult to integrate with, which is something that can be improved."
"The tool needs to be improved in terms of integration and interface."
"Better protection in the endpoint, server, and mobile is needed."
"The graphical interface could improve. Additionally, adding less expensive mobile device support would be helpful. Other solutions have this feature."
"I would like to see better support for virtual and desktop infrastructures."
"As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."
"I would like the solution to have more functions and to be more user-friendly."
"Sophos has a lot of different features. Some of them are tied to different clients, which may mean that different prices or licenses have to be added on. It can be a little bit confusing if you're not familiar with the logic of how they work. They can make it a little bit clearer."
"Sophos Intercept X doesn't have its own firewall that utilizes the Windows Firewall or intrusion prevention."
"Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities.
Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.
Learn more about Secure Endpoint: www.cisco.com/go/endpoint
Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.
Reviews from Real Users
Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.
Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
Cortex XDR by Palo Alto Networks is the first threat detection and response software to combine both visibility across all types of data as well as autonomous machine learning analytics. Threat detection very often requires analysts to divide their attention among many different data streams. This platform unifies a vast variety of data flows, which allows analysts to assess threats from a single location. Users can now maintain a level of visibility that other threat detection programs simply cannot offer. This level of transparency lends itself to both quick identification of problems that arise and the equally quick development of a potential solution.
Cortex XDR’s machine learning works on many different levels to detect and prevent threats. It is constantly scanning for threats and vulnerabilities. The solution can scan up to 5.4 billion IP addresses in three-quarters of an hour. This allows it to spot weak points in the system and notify administrators long before hackers can take advantage of vulnerabilities. Once the Artificial Intelligence (AI) discovers an issue or an area where an issue could potentially take place the system creates a log of the information and subsequently sends an alert to system administrators. The AI takes the information that it has gathered and uses it to assign threat levels to the issues that it detects. Following this, a human analyst will be assigned to manually assess the issue and deal with it accordingly. You can set it to automatically respond to the threat by isolating the issue while analysts investigate it.
Benefits of Cortex XDR
Some of Cortex XDR’s benefits include:
Reviews from Real Users
Cortex XDR by Palo Alto Networks software stands out among its competitors for a number of reasons. Two major ones are its ability to isolate threats while enabling them to be studied and the way that the software combines all of the data that it gathers into a single, more complete picture than other solutions offer.
PeerSpot users note the effectiveness of these features. A network designer at a computer software company wrote, “The solution has a very helpful isolation feature. If any system gets compromised, with one click I can access the system and isolate it from other networks, and then go into further forensic investigation of the current threat without compromising anything else.”
Jeff W., Vice President/CTO at Sinnott Wolach Technology Group, noted, “The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly.”
Sophos Intercept X is an EPP (endpoint protection for business) tool that uses deep learning malware detection, exploit prevention, anti-ransomware, and more, to stop attacks. The solution has key security capabilities to protect your company’s endpoints. Sophos Intercept X is a well-thought-out and designed solution that is comprehensive. Large companies with an IT team and many endpoints to protect are the most suitable for this solution.
Sophos Intercept X Features
Sophos Intercept X has many valuable key features. Some of the most useful ones include:
Sophos Intercept X Benefits
There are many benefits to implementing Sophos Intercept X. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Sophos Intercept X is a solution that stands out when compared to many of its competitors. Some of its major advantages are its ease of management, effective blocking capabilities, and good security.
A President at a tech vendor says, "The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer."
PeerSpot reviewer Ashis D., Hybrid Cloud Engineer at a tech services company, comments, “So far, the solution has met all our expectations. It's blocked malicious websites effectively and stopped people from going to places online that they shouldn't be going to. It's automatic. We simply took the default settings and we were finding people right away that were going to illicit sites, and we were able to see that easily in the console. The package we use also comes with spam filtering features, which are quite useful.”
Mike P., Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC, states, "The most valuable feature of Intercept X is its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because I could go in and get it back."
An Information Systems Coordinator at an insurance company mentions, “It's very good at security and protection. It offers very good reports.”
Cortex XDR by Palo Alto Networks is ranked 4th in EPP (Endpoint Protection for Business) with 46 reviews while Sophos Intercept X is ranked 9th in EPP (Endpoint Protection for Business) with 41 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Sophos Intercept X is rated 8.4. The top reviewer of Cortex XDR by Palo Alto Networks writes "Easy to set up, reliable, and always scanning". On the other hand, the top reviewer of Sophos Intercept X writes "Complete solution, scales well, is reliable, has competitive pricing, and has excellent technical support". Cortex XDR by Palo Alto Networks is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Darktrace, SentinelOne Singularity Complete and Check Point Harmony Endpoint, whereas Sophos Intercept X is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon, Kaspersky Endpoint Security for Business and ESET Endpoint Security. See our Cortex XDR by Palo Alto Networks vs. Sophos Intercept X report.
See our list of best EPP (Endpoint Protection for Business) vendors and best Ransomware Protection vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.