We performed a comparison between CrowdStrike Falcon and Sophos Intercept X based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, the two products are very similar. CrowdStrike Falcon comes out ahead in this comparison simply because it is easier to deploy than Sophos Intercept X.
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"The advantage Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"The most valuable aspect is undoubtedly the exploration capability."
"It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"Scalability hasn't been an issue for us."
"There's almost no maintenance required. It's very low if there's any at all."
"CrowdStrike Falcon has done an excellent job at detecting breaches. It has allowed us to stay in business and keep our systems up."
"It seems to do a pretty good job of protecting the host. It offers good insights that it gives you when it has a detection. It's pretty incredible."
"As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage."
"The automatic alert feature is the most important feature of the solution."
"I like the feature called RTC, the remote time connector."
"The CS Falcon agent is a lightweight agent compared with other agents of EDR products."
"The product is user-friendly."
"We find the app control and its threat protection to be the best features."
"The threat analysis center is nice."
"It is not just a simple virus scanning product. It handles more advanced needs."
"The product efficiently prevents data leakages."
"All of the features are very important for anyone who is supporting a large number of computers."
"The solution has very good usability."
"The forensics within the solution are quite good. The ransomware mitigation is also impressive."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"The tool gives inconsistent answers and crashes a lot."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"Technical support could be better than what is currently offered."
"For CrowdStrike to work, all the machines need to have an internet connection. This makes it challenging to assist customers without an internet connection. We would like to have a mechanism or relay to make this possible."
"A year and a half ago or more, if you put in a support request by email, then it wasn't timely addressed. It could be a day to three days before you received a response, which was a bit frustrating. There was a lot of customer feedback around this issue, which has been greatly refined."
"It can be expensive depending on the features you select."
"They don't really have anything when it comes to scanning attachments."
"They offered a white glove service that was extremely costly. When we got into it, we saw it was relatively easy. If I was being nitpicky, I'd say that I don't like being sold something that's unnecessary. That's the only downside I've seen to the solution."
"Some of Falcon's features are a bit pricey."
"Too many false positives."
"As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."
"The performance offered by the product needs improvement."
"The policies could be nicer to manage."
"Deployment on cloud needs to be carried out manually."
"The solution is expensive, and it could be made cheaper."
"The product defends very well on its own but could possibly use enhancement in giving users more controls."
"The graphical interface could improve. Additionally, adding less expensive mobile device support would be helpful. Other solutions have this feature."
"The tool should be made compatible with Linux and Microsoft operating systems."
CrowdStrike Falcon is ranked 3rd in EPP (Endpoint Protection for Business) with 52 reviews while Intercept X Endpoint is ranked 7th in EPP (Endpoint Protection for Business) with 23 reviews. CrowdStrike Falcon is rated 8.6, while Intercept X Endpoint is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Robust threat hunting and great ability to do on-keyboard remote response and quarantining of devices". On the other hand, the top reviewer of Intercept X Endpoint writes "It can get ahead of the ransomware attack and encrypt the data on clients in the path of the infection". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Check Point Harmony Endpoint, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete, Fortinet FortiClient and Trend Micro Apex One.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.