We performed a comparison between Crowdstrike Falcon and Sophos Intercept X based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, the two products are very similar. Crowdstrike Falcon comes out ahead in this comparison simply because it is easier to deploy than Sophos Intercept X.
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"Having a single pane of glass for all Microsoft security services makes everything much easier. A security analyst can go to a single portal and see everything in one view. The integration of everything into one portal is a huge benefit."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"It's very easy to set up."
"Overall, what I found most valuable in CrowdStrike Falcon is its good mechanism. It also has a good reporting feature. CrowdStrike Falcon is an invaluable tool because, through it, you can take quick action, for example, when an OS is missing specific patches."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"CrowdStrike Falcon is effortless to use, and it's a cloud-specific platform. You only need to deploy the light agents on the licensed endpoints, and you're ready to work. Your dashboards will tell you the number of the endpoints being protected and the incidents. There are also incident dashboards with alerts that will tell you about the details."
"The features we showcase to potential customers are prevention, malware protection, zero-day protection, and application scripting. Vulnerability assessment is another valuable feature."
"I like the Overwatch feature the most."
"The most valuable features of CrowdStrike Falcon are the AI in detecting and real-time detections."
"The solution is silent and sits on your system as one single agent."
"The most valuable feature of Intercept X its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because could go in and get it back."
"The dashboard is user-friendly."
"The most valuable feature is that it literally works. We have reduced a lot of complaints after switching to Sophos."
"The most valuable features of Sophos Intercept X are the ease of use and the policy options that are simple to understand. Overall, the protection is good."
"Intercept X's smart prevention it's very good as so are its machine learning capabilities for troubleshooting channels and files."
"It is one of the best in terms of technicality."
"Sophos Intercept X is a very effective solution and its being cloud-based is a benefit. Wherever my users are, I can apply policies to them. In the era of mobility, when users are out of the office or they're in different locations, it doesn't matter."
"The stability on offer is fine."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"Intrusion detection and prevention would be great to have with 365 Defender."
"The biggest thing that is missing in the system is the handling of third-party applications. Microsoft keeps ignoring the world where most of my users prefer to work with Google Chrome. It enables you to apply updates and fixes for Edge, but you cannot do that for Chrome or Mozilla or Firefox."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"Tighter integration around XDR could be included."
"We can do a threat analysis of any machine at any time, but that threat analysis is very limited."
"CS Falcon sensing capabilities for non-domain machines should be enhanced since the agent doesn't detect the neighbor's IP Address and/or any anomaly which was identified in the network for the non-domain machine."
"For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."
"This solution is relatively expensive."
"The overall cost of CrowdStrike Falcon could be reduced."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"The performance could be better."
"The deployment part needs to be improved."
"I'm not clear on what features need improvement. Everything is mostly fine."
"Sophos Intercept X could improve on its setup process. They could make it easier to have a baseline set up for the system, or at least provide more understanding of what the baseline is when you first install it. This could be a matter of lack of training on my part, but it's difficult to receive training on solutions that are not Cisco. Cisco is the only vendor with classes or courses."
"Better protection in the endpoint, server, and mobile is needed."
"There is room for improvement in terms of stability and updates."
"We are not able to merge the sub-estates. If we create multiple sub-states and there may be instances where a user is in a different sub-state, it may not be possible for us to relocate that user from one sub-state to another through the console. We have to merge them manually which is not ideal."
"There should be a report including a flowchart or diagram. It will be useful to evaluate the software’s effectiveness."
"They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention."
Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.
CrowdStrike Falcon is ranked 3rd in EPP (Endpoint Protection for Business) with 50 reviews while Intercept X Endpoint is ranked 5th in EPP (Endpoint Protection for Business) with 27 reviews. CrowdStrike Falcon is rated 8.6, while Intercept X Endpoint is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Robust threat hunting and great ability to do on-keyboard remote response and quarantining of devices". On the other hand, the top reviewer of Intercept X Endpoint writes "Complete solution, scales well, is reliable, has competitive pricing, and has excellent technical support". CrowdStrike Falcon is most compared with Microsoft Defender for Endpoint, Darktrace, Trend Micro Deep Security, SentinelOne Singularity Complete and Trend Micro XDR, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, Kaspersky Endpoint Security for Business, Cortex XDR by Palo Alto Networks and Bitdefender GravityZone EDR. See our CrowdStrike Falcon vs. Intercept X Endpoint report.
See our list of best EPP (Endpoint Protection for Business) vendors, best EDR (Endpoint Detection and Response) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.