We performed a comparison between SentinelOne and Sophos Intercept X based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: SentinelOne comes out on top in this comparison due to its easy setup, high performance, attractive price, and impressive ROI.
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"The comprehensiveness of Microsoft's threat detection is good."
"Microsoft 365 Defender is simple to upgrade."
"Microsoft 365 Defender also automates the finding of high-value alerts. Automation allows me to work with a small security team. It is even a tool that touches our budget, enabling us to reduce the number of employees needed."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"Microsoft 365 Defender is a good solution and easy to use."
"The most valuable features of Sophos Intercept X are the ease of use and the policy options that are simple to understand. Overall, the protection is good."
"It is one of the best in terms of technicality."
"Machine learning is used to detect the threat and it does so by prioritizing the suspicious activities."
"The most valuable feature of Intercept X its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because could go in and get it back."
"What I have found the most valuable about Sophos Intercept X is the ease of use with management administration and the solution's ability to stop exploits and ransomware."
"It is a very scalable solution."
"The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform."
"The most valuable feature is that it literally works. We have reduced a lot of complaints after switching to Sophos."
"The visibility component is the most valuable feature."
"SentinelOne Singularity has hundreds of features. The most valuable feature of the solution is the ease of use and threat control."
"I find the application inventory feature to be extremely useful."
"Singularity's rollback feature is one of the primary reasons we bought the product. If there's an attack on the machine, the system can automatically roll back the data and the hard drive of the machine that was attacked."
"I like the centralized management with the web dashboard."
"SentinelOne has improved the overall security posture of the firm without creating a lot of hassle for our end users. Everything is a bit more secure. We think Singularity Complete has helped us reduce our organizational risks."
"The XDR capability is quite good."
"The most valuable feature varies from client to client but having absolute clarity of what happened and the autonomous actions of SentinelOne are what most people find the most assuring."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"Intrusion detection and prevention would be great to have with 365 Defender."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"The support team is not competent or responsive."
"I would like to see better support for virtual and desktop infrastructures."
"The solution can be expensive, although we do see the value in it."
"The policies could be nicer to manage."
"It would be beneficial if you could expand support for Windows 7 and Windows Server 2008 without charging an additional fee."
"Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
"Stability-wise, we had issues with some clients which had to be dealt with manually. The issue was with that installation part."
"Installing Sophos Intercept X was not as straightforward, as we had to ask support and had to work with an integrator, though the process didn't take much time, e.g. it was completed within one hour."
"The majority of our systems are MacBooks and their solution release cycle is slow to endorsing or support the MacBook's latest OS or hardware platform. For example, when Sophos macOS Big Sur version 11 was released, it took them a while to support this version of OS. A similar situation occurred when the MacBook M1 hardware CPU was released. They have not fully supported the native M1 CPU to this day. They need to speed up the solutions release cycle."
"The setup process could be improved."
"The performance could be better. Singularity lags a bit, and it's a resource-hungry application, so it takes a while to load."
"One thing I don't like is the exportable report. They're they're not as useful as I'd hoped they would be."
"We are not utilizing all the features available with SentinelOne Singularity Complete, including the built-in XDR and Ranger, due to the substantial associated costs."
"The training for SentinelOne Singularity should be free. The solution has a lot of features but we do not know how to use them all. The moment someone purchases the solution they should contact them and provide them with a feature session on how to use the features."
"Their CASB tool needs to mature. I think there are some CASB vendors out there that have a dashboard tool that's much more mature than SentinelOne. That would be the only constructive criticism that I have."
"I'd like to see more documentation."
"It is difficult to manage users in SentinelOne."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Intercept X Endpoint is ranked 5th in EPP (Endpoint Protection for Business) with 27 reviews while SentinelOne Singularity Complete is ranked 2nd in EPP (Endpoint Protection for Business) with 88 reviews. Intercept X Endpoint is rated 8.4, while SentinelOne Singularity Complete is rated 8.6. The top reviewer of Intercept X Endpoint writes "Complete solution, scales well, is reliable, has competitive pricing, and has excellent technical support". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Worth the money, supports legacy endpoints, and blocks anything even remotely malicious". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, Cortex XDR by Palo Alto Networks and Bitdefender GravityZone EDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ESET Endpoint Protection Platform and Bitdefender GravityZone EDR. See our Intercept X Endpoint vs. SentinelOne Singularity Complete report.
See our list of best EPP (Endpoint Protection for Business) vendors, best EDR (Endpoint Detection and Response) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.