"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"The most valuable feature is signature-based malware detection."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"The entirety of our network infrastructure is Cisco and the most valuable feature is the integration."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"The exploit guard and malware protection features are very useful. The logon tracker feature is also very useful. They have also given new modules such as logout backup, process backup. We ordered these modules from the FireEye market place, and we have installed these modules. We are currently exploring these features."
"FireEye Endpoint Security is easy to use and lightweight compared to others."
"It is a really strong solution for endpoint security."
"If the network has seen something, we can use that to put a block to all the endpoints."
"It has a feature called Isolation. If a device is compromised, we can connect it to our SOC, and no one would be able to access it. This way we can limit the damage to the network while we are investigating."
"It's a stable solution with good performance."
"FireEye Endpoint Security's scalability is awesome. I think it is one of the best on that front."
"The features we have found most valuable have been containment as well as the ability to triage agent activities."
"One reason why I have stuck with Sophos is because it grabs it and deals with it, and if it's known malware, it can quarantine it or delete it."
"The most valuable feature is the behavioral, non-signature-based threat detection."
"The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability."
"We find the app control and its threat protection to be the best features."
"This solution is easy to configure."
"The most valuable feature is the CryptoGuard in Sophos. In a case of a ransomware attack, this feature comes into action to protect us."
"The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit."
"This solution can be used with any device, mobiles, desktops, or any appliances."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"I would like to see integration with Cisco Analytics."
"In terms of the user experience, if the UX design could be much simpler [that would improve things]... if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something."
"It could be improved in connection with artificial intelligence and IoT."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"This product has issues with the number of false positives that it reports."
"The GUI needs improvement, it's not good."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"Search feature could be made more user-friendly."
"The solution can be expensive."
"They have something called Managed Detection and Response. They get intel from their customers, and that intel is shared with the rest of FireEye's customers. I want to subscribe to their intel, but that is not available to us."
"It has very good integrations. However, its integration with Palo Alto was not good, and they seem to be working on it at the backend. It is not very resource-hungry, but it can be even better in terms of resource utilization. It could be improved in terms of efficiency, memory sizing, and disk consumption by agents."
"In some cases, the detection part was not accurate enough. We opened a few cases for the vendor to help us with some miscategorized findings on the endpoints. There were some false positive detections, and we had to work with the vendor to get them tested. We even had some incidents that were not detected. It was a black box type of solution for us."
"Most of these types of solutions including others, such as Carbon Black and FortiEDR, all have the same features. However, Carbon Black is the leader when it comes to being robust and user-friendly and this solution should improve in those areas to stay more competitive."
"The Linux support is very poor. I use base detection. Currently, they are providing malware protection and logon track features in Windows and Mac. These features aren't available in Linux. It will be helpful to extend these capabilities to Linux. We would also like assets grouping and device lock protection features, which are included in their roadmap."
"We would like to solution to offer better security."
"It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first."
"It consumes a lot of resources, and something needs to be done for that."
"We would like more application control in order to be able to schedule times and access."
"Better protection in the endpoint, server, and mobile is needed."
"The endpoint detection and response (EDR) technology has room for improvement because the information that it gives us to resolve our problems is poor nowadays."
"Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
"Through Sophos Central I would like to see the ability to zero in and produce a report about the challenges being faced by a particular machine and user, to know if a virus is appearing only on that specific machine or also on others."
"The pricing could be a bit lower to match the normal retail pricing."
FireEye Endpoint Security is ranked 12th in EDR (Endpoint Detection and Response) with 10 reviews while Sophos Intercept X is ranked 4th in EDR (Endpoint Detection and Response) with 63 reviews. FireEye Endpoint Security is rated 8.2, while Sophos Intercept X is rated 8.6. The top reviewer of FireEye Endpoint Security writes "Enables us to do IOC-based search across the enterprise and isolate compromised devices". On the other hand, the top reviewer of Sophos Intercept X writes "Great reporting and good training with a pretty straightforward setup". FireEye Endpoint Security is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Darktrace and SentinelOne, whereas Sophos Intercept X is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, SentinelOne, Kaspersky Endpoint Security for Business and Cortex XDR by Palo Alto Networks. See our FireEye Endpoint Security vs. Sophos Intercept X report.
See our list of best EDR (Endpoint Detection and Response) vendors.
We monitor all EDR (Endpoint Detection and Response) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
