We performed a comparison between Microsoft Defender For Endpoint and Sophos Intercept X based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos Intercept X comes out on top. While the Microsoft Defender For Endpoint solution is good, it lacks in certain areas that Sophos Intercept X don’t have to worry about. Overall, users of Sophos Intercept X have mainly positive feedback on the product, agreeing that its set of features is excellent.
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"It is stable and scalable."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Sophos Intercept X is a very effective solution and its being cloud-based is a benefit. Wherever my users are, I can apply policies to them. In the era of mobility, when users are out of the office or they're in different locations, it doesn't matter."
"I am impressed with the tool's common dashboard feature. The solution is also easy to deploy and manage. Reporting is also easy with the software."
"What I have found the most valuable about Sophos Intercept X is the ease of use with management administration and the solution's ability to stop exploits and ransomware."
"The performance is good."
"The most valuable feature is the behavioral, non-signature-based threat detection."
"It is a practically maintenance free intelligent system that independently protects environments from malicious attacks."
"The most valuable features are the range and restriction."
"The most valuable features are the anti-ransomware engine, deep learning, web filtering, and the cloud manageability."
"It's effective against most types of infection, and the firewall is perfect for protection."
"Microsoft Defender is always running. It is doing its job, so it is fine. I don't have any issues with the way it was implemented or how we are running it. We have been upgrading IT throughout the years, but there have been no issues."
"The most valuable feature is ransomware protection, which can detect malicious activity from IPs or a malicious payload in DLLs, or other things that can corrupt the system."
"Defender for Endpoint provides good visibility into threats and has favorable threat intelligence."
"The solution's threat protection is mostly AI and machine-learning based. That is the most important feature of the product. It also offers centralized management so I can remotely manage devices."
"The protection that it provides is quite good."
"DFE organizational security posture has been a positive experience. We're a Microsoft house. It works. Once it's deployed and once it's configured, it works and our clients tend to be happy with it. I haven't really experienced anyone who has been so unsatisfied with the platform that they wanted to go a couple of different directions, that has never happened to me."
"The most valuable feature is that it comes with the package, so there is no additional installation of third-party software. It's also easy to use."
"I haven't seen the use of AI in the solution."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"It takes about two business days for initial support, which is too slow in urgent situations."
"Sophos Intercept X doesn't have its own firewall that utilizes the Windows Firewall or intrusion prevention."
"The policies could be nicer to manage."
"It would be beneficial if you could expand support for Windows 7 and Windows Server 2008 without charging an additional fee."
"It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first."
"Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
"The endpoint detection and response (EDR) technology has room for improvement because the information that it gives us to resolve our problems is poor nowadays."
"The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them."
"Sophos Intercept X could improve on its setup process. They could make it easier to have a baseline set up for the system, or at least provide more understanding of what the baseline is when you first install it. This could be a matter of lack of training on my part, but it's difficult to receive training on solutions that are not Cisco. Cisco is the only vendor with classes or courses."
"The product should reduce updates since it is hard to keep up."
"It needs to improve the cybersecurity for lateral movements. For example, when a hacker tries to enter a machine, they try to get the password by doing a lateral movement."
"Phishing and Malware detection could be better."
"Lacks some additional integration."
"Auto recovery is the most important feature that we would need from this solution. For decryption, similar to Malwarebytes, there should be something to be able to recover the data up to the last normal status. Its ability to recover data to the last normal copy must not exceed 5 to 10 minutes."
"Microsoft Defender for Endpoint could provide us with a more holistic approach, such as collaboration. They can provide us with an environment from where we can manage all the endpoints from one central location, such as overall management."
"Integrating this with third-party systems has some complexity involved."
"I would like to see fewer pop messages and alerts."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Intercept X Endpoint is rated 8.4, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Intercept X Endpoint is most compared with CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete, Fortinet FortiClient and Seqrite Endpoint Security, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, CrowdStrike Falcon, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Fortinet FortiClient. See our Intercept X Endpoint vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.