No more typing reviews! Try our Samantha, our new voice AI agent.

Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro vs Intercept X Endpoint comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on May 17, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Dell Trusted Device powered...
Ranking in Endpoint Detection and Response (EDR)
32nd
Average Rating
9.6
Reviews Sentiment
6.2
Number of Reviews
4
Ranking in other categories
No ranking in other categories
Intercept X Endpoint
Ranking in Endpoint Detection and Response (EDR)
19th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
110
Ranking in other categories
Endpoint Protection Platform (EPP) (14th), ZTNA (13th), Managed Detection and Response (MDR) (13th), Extended Detection and Response (XDR) (15th), Ransomware Protection (4th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro is 0.4%, up from 0.0% compared to the previous year. The mindshare of Intercept X Endpoint is 1.6%, down from 1.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Intercept X Endpoint1.6%
Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro0.4%
Other94.4%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Tom Cichosz - PeerSpot reviewer
System Engineer at a healthcare company with 501-1,000 employees
Integrated device protection has secured bios-level threats and preserves user performance
The features of Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro that I appreciate most are the real-time analytics in CrowdStrike and the ability to detect anomalies in the computer at the BIOS level, which is excellent to have. You would not normally see that with standard antivirus or regular security software; it would not integrate with the BIOS, but the fact that it does means that you get an enhanced layer of protection with CrowdStrike, more than you would see with another product. My perception of chip-level recovery is that it is a beautiful thing. Normally you are dependent on the OS for recovery actions, but in this case, you do not need that because it happens at the chip level. It happens out of band, before the OS is booted; you can make recovery choices, and that is extremely important. You always need an out of band solution, and on end user devices especially, if that is possible, that changes the whole landscape. Normally out of band is only for server-level devices, but this changes that; this adds an extra layer of protection that you would not normally see. I view the critical feature of Advanced Memory Scanning by CrowdStrike as incredible; the fact that it can actively scan memory without any performance hit on the PC or server devices is remarkable. Previously, in years before 2020, we would see a performance hit from this type of software, but the fact that CrowdStrike integrated with Dell does not cause any performance hit on the end user or the overall performance of the computer is an amazing thing. It is probably the best performing antivirus software I have actually seen.
AM
IT Head at Dee Development
Has struggled to detect major threats but has offered basic protection over time
Intercept X Endpoint could learn from CrowdStrike in terms of overall performance and filtering because performance is most important, especially these days as Windows is getting buggier and buggier, which puts a huge load on the PC, and even with the most advanced CPUs and everything in place, it still lags in performance in so many places, thanks to Windows' clumsy design of these collaboration suites that make it extremely heavy on PC's resources. The interface of Intercept X Endpoint is quite old-fashioned. The Sophos interfaces, including for Intercept X Endpoint, are quite bad actually; to be very honest, even in UTM boxes, they are not great at all. You can hardly see a very small portion of windows while it's creating the firewall rules, and we have been complaining about this for quite some time, but there hasn't been any improvement on those grounds. Intercept X Endpoint's anti-ransomware capabilities failed us during a bad attack, and just because of our own backup policies, we could restore our normal operations; otherwise, if we had to depend on this solution, we would have been long dead because the infection was so bad, it couldn't even detect the infection. Intercept X Endpoint cannot handle zero-day attacks; in my experience, last year, we had this major issue with a malware attack, and it happened just because of our backup policies that we were able to recover without any support from Sophos, which just told us they would charge us some 1 Crore in rupees. Intercept X Endpoint should improve their implementation; things will never be perfect for the new world. This new world is always facing new kinds of attacks and new ways to compromise the system. They need to learn fast, implement fast, and sometimes redesigning the solution is the solution—not just patchwork. There was a time we used to love Sophos because of its fresh design and innovative thought. In my experience, when technical companies are led by MBA professionals, they lose their shine on the technical part and become more dependent on target sales; it turns into a marketing-centric operation that loses the technical focus completely.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"This software helps us understand any issues that may arise when someone is not at work."
"The scalability of Cortex XDR by Palo Alto Networks is very good."
"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources."
"It collects and caches and the knowledge of machine learning from different customers to take to the cloud, it makes it better to use for everybody, it allows for quick learning and updates and can, therefore, offer zero-day malware security, and this sharing of metadata helps make the solution very safe."
"I recognize that Cortex XDR by Palo Alto Networks is one of the best products in its category regarding capabilities."
"The product is very good, it has caught a lot of exploits that most products would not."
"If you are considering protecting your Dell endpoints and your Dell infrastructure with CrowdStrike, it is a no-brainer."
"Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro has helped us immensely."
"The features of Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro that I like the most include its ability to recover quickly."
"The fact that CrowdStrike and Dell have gotten to a point where it has no user effect, or virtually zero user effect, is absolutely game-changing."
"The most valuable features of Sophos Intercept X are the minimal configuration needed for the end user and the central view of all the endpoints. There are plenty of tools to control and manage the endpoints. Additionally, there is the capability of connecting the endpoint to the CLI."
"The forensics within the solution are quite good, and the ransomware mitigation is also impressive."
"I consider the heuristics to be most valuable, the fact that the solution does not work solely on signatures."
"All of the features are very important for anyone who is supporting a large number of computers."
"The primary use of the solution is to block threats, and it contains a quick queries engine that can help us figure out where all threats are coming from."
"Sophos technical support has always been fantastic, I've never had an issue, they have been great, and they are tremendously helpful."
"The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability."
"The most valuable feature is that it literally works. We have reduced a lot of complaints after switching to Sophos."
 

Cons

"For Cortex XDR by Palo Alto Networks, if I had to point out improvements, I would say the UI is still somewhat difficult for beginners."
"We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky."
"As an improvement, I would like to see enhanced connection speeds."
"The only issues that we have are, one the cost, two the dashboard is not very intuitive, even though you can drill down within the dashboard, we usually have to gather information from other sources to determine locations and if its a false positive."
"The negative aspect I see is the economic model used by Palo Alto."
"There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
"The deployment is pretty hard."
"The biggest thing I would do to improve Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro is add that agentic AI to it at the highest level and allow it to start to deploy and do things ourselves."
"The room for improvement that I would recommend to make it a 10 is that it might be beneficial to scale out to include servers."
"The after sales service and support could be improved, particularly on the technical side."
"We've had difficulty with uninstalling the solution. When we try to uninstall an old version of the basic Sophos Antivirus, it doesn't seem to uninstall completely."
"The support on offer isn't ideal. In terms of the support on offer, for example, if there was a zero-day kind of attack or something, the turnaround time that Sophos offers is not acceptable."
"For the stability of the solution, I had some problems with uptime."
"The solution's pricing could be better."
"It's a bit heavy on the computers. So once you install it, the computer slows down. It is a resource-intensive solution."
"They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event."
"The initial setup was not very user-friendly, but it improved during the evolution."
 

Pricing and Cost Advice

"The price of the solution is high for the license and in general."
"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"The price is on the higher side, but it's okay."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"I don't recall what the cost was, but it wasn't really that expensive."
"It has a yearly renewal."
Information not available
"We were able to eliminate the ransomware using the one-month, full-featured trial license."
"On a per-user basis, my company has to pay a certain amount of money."
"We renew the license for one year at $10,000."
"Licensing is based on the number of users. They give a discount for editors who are considered as important members. From what I know, Sophos products are not expensive. If you have a license extension, you just need to contact the editor or partner to change the mode of licensing or extend the license to cover more people."
"Licensing costs are not expensive."
"I find the pricing to be a little bit expensive, although it is acceptable, for now."
"One can pay for the license annually, or at two and five year intervals."
"As I am not responsible for paying the bills I cannot comment on the pricing."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Construction Company
15%
Comms Service Provider
11%
Hospitality Company
11%
Recreational Facilities/Services Company
9%
Construction Company
9%
Computer Software Company
9%
Comms Service Provider
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business76
Midsize Enterprise21
Large Enterprise22
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro?
My experience with the pricing, setup cost, and licensing of the platform has been fairly simple. Licensing has been ...
What needs improvement with Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro?
The room for improvement that I would recommend to make it a 10 is that it might be beneficial to scale out to includ...
What is your primary use case for Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro?
Our main use cases for Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro involve having a pretty expan...
How does Crodwstrike Falcon compare with Sophos Intercept X?
I like that Crowdstrike Falcon allows me to easily correlate data between my firewalls. Its detection and machine lea...
What is your experience regarding pricing and costs for Sophos Intercept X?
Intercept X Endpoint has some impact on the budget. It is quite costly when measuring Intercept X Endpoint's protecti...
What needs improvement with Sophos Intercept X?
Intercept X Endpoint can be improved in several ways. Currently, it is only available on the cloud, and having it ava...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
Sophos Intercept X
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Flexible Systems
Find out what your peers are saying about Dell Trusted Device powered by CrowdStrike Falcon and Intel vPro vs. Intercept X Endpoint and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.