Try our new research platform with insights from 80,000+ expert users

CylancePROTECT vs Intercept X Endpoint (Sophos) comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 20, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

BlackBerry Cylance Cybersec...
Ranking in Endpoint Protection Platform (EPP)
29th
Average Rating
8.0
Reviews Sentiment
4.6
Number of Reviews
44
Ranking in other categories
No ranking in other categories
Intercept X Endpoint
Ranking in Endpoint Protection Platform (EPP)
10th
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
106
Ranking in other categories
Endpoint Detection and Response (EDR) (11th), ZTNA (8th), Managed Detection and Response (MDR) (7th), Extended Detection and Response (XDR) (11th), Ransomware Protection (3rd)
 

Mindshare comparison

As of July 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of BlackBerry Cylance Cybersecurity is 1.1%, down from 1.5% compared to the previous year. The mindshare of Intercept X Endpoint is 1.6%, down from 3.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Sooraj Makkancherrry - PeerSpot reviewer
Doesn't have daily updates, which is important for healthcare IT
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.
Suwandhi Suraweera - PeerSpot reviewer
Offers advanced filtering features and benefits from improved licensing and performance
There is a licensing issue with Intercept X Endpoint. Their licenses are user-based. Most of our customers use per device licenses, and they need per device licenses because they use one PC for multiple accounts. This creates a problem. There was one customer who complained about the slowness of PCs using Intercept X Endpoint. They use minor performance PCs, which causes their PCs to become slow.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are quite security-focused. Blackberry Protect as an endpoint solution for our service really delivers what we are expecting."
"Has good RAM capacity for the power I need"
"The platform's most valuable features are the malware detection capabilities."
"The most valuable feature of CylancePROTECT is the support."
"The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
"It handles situations that the other threat management tools wouldn't find. It has worked well covering the weaker sides of the other products that we're integrating."
"The most functional item that we use is the process to turn off the false flags that it causes."
"The solution is very quick at easily changing the levels of protection for each computer and the server."
"It is stable and has a good price. I find it very good."
"All of the features are very important for anyone who is supporting a large number of computers."
"This solution offers very good performance and it has great features."
"One reason why I have stuck with Sophos is because it grabs it and deals with it, and if it's known malware, it can quarantine it or delete it."
"Since it's cloud-managed, the solution is easy to administer, especially if the person using it is in a different geophysical location."
"We have found the pricing to be reasonable."
"We find all features valuable. It has zero-day protection, which is the most valuable feature of Intercept X. We have Intercept X with EDR. EDR is a very important feature. It gives an idea about the source of a particular attack. An administrator gets to know everything, which helps in understanding the things that need to be done or protected in the organization. Based on this information, an administrator can decide what needs to open or allowed in the network. Without EDR, Intercept X is like an antivirus, and the administrator won't get to know the things going on at the organizational level. I recommend purchasing an EDR solution for every organization."
"The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform."
 

Cons

"The AI of CylancePROTECT has room for improvement. I'm on a trial license of SentinelOne, and its AI is much better than what's on CylancePROTECT."
"The product must make the interface a little more user-friendly."
"The solution needs better dashboards that are easier to use."
"The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."
"​It needs real analysis of quarantined files. The EDR product isn't showing much right now."
"The OPTICS component could be made more user-friendly with respect to giving people more information."
"I'd like them to do software distribution too, but they said that that's architecturally not at the product line."
"I would like to see a better UI in terms of sifting through more specific data and providing analytics. A little bit more would be nice."
"Pricing is high."
"The policies could be nicer to manage."
"Intercept X Endpoint is a very heavy solution that consumes a lot of RAM and should be made lighter."
"The performance is very slow and should be faster."
"We tried to set up Sophos Zero Trust within my Sophos central cloud. It only works with Microsoft and I use Google. I'd like to see Google added."
"I have not done it, but integrating it with authenticating the users on the Windows system looks a bit complicated to me. It could be because I don't understand it."
"To be a perfect product, the price would have to be a bit better."
"There should be a report including a flowchart or diagram. It will be useful to evaluate the software’s effectiveness."
 

Pricing and Cost Advice

"It's not so heavily priced; rather, it's average and decent."
"I think that the price we are paying is good for what it is."
"Review closely how many endpoints you actually need before buying into a pricing level. Deal and deal with the VAR of your choice."
"The monthly fee is $55 USD per user."
"We would just add more if there are new users, but right now you just need one license for per user."
"This cost of the license is approximately $5 USD monthly per user."
"Our licensing cost for the solution is around $4,000 for six months. There are no costs in addition to the standard licensing fees."
"Currently, we have competitive pricing for Cylance, which is affordable enough to consider."
"Licensing is based on the number of users. They give a discount for editors who are considered as important members. From what I know, Sophos products are not expensive. If you have a license extension, you just need to contact the editor or partner to change the mode of licensing or extend the license to cover more people."
"It is a high-cost solution."
"We were able to eliminate the ransomware using the one-month, full-featured trial license."
"The solution offers both a three-year license and an annual license. I would rate the product's pricing a one out of ten."
"The cost of Sophos Intercept X is reasonable."
"The price of this product should be reduced because it is a little high."
"The price of the solution is average compared to the market."
"I am not sure about the cost. I would guess it to be between $50 to $60 per license. This would be the cost of the overall subscription. There is no additional fee."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
860,711 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Manufacturing Company
12%
Government
7%
Financial Services Firm
6%
Computer Software Company
18%
Manufacturing Company
7%
Financial Services Firm
6%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Blackberry Protect?
It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessary actions.
What is your experience regarding pricing and costs for Blackberry Protect?
The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.
What needs improvement with Blackberry Protect?
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immedi...
How does Crodwstrike Falcon compare with Sophos Intercept X?
I like that Crowdstrike Falcon allows me to easily correlate data between my firewalls. Its detection and machine learning are very valuable features. Crowdstrike Falcon also successfully prevents ...
What is your experience regarding pricing and costs for Sophos Intercept X?
I would describe it as economical, but not much cheaper than other solutions.
 

Also Known As

Blackberry Protect
Sophos Intercept X
 

Overview

 

Sample Customers

Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit
Flexible Systems
Find out what your peers are saying about BlackBerry Cylance Cybersecurity vs. Intercept X Endpoint and other solutions. Updated: June 2025.
860,711 professionals have used our research since 2012.