We performed a comparison between Intercept X Endpoint and ThreatLocker Protect based on real PeerSpot user reviews.
Find out in this report how the two Ransomware Protection solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Ability to get forensics details and also memory exfiltration."
"I appreciate the ability to use the latest endpoint protection features in case of an infection or cyber threat. This is especially true when using the product with a Sophos firewall solution, like the XG series. They collaborate effectively in the event of a cyber threat."
"It is a very scalable solution."
"Sophos Intercept X has a host of valuable features, including its anti-malware feature, which we considered key."
"A valuable feature offered by Sophos is called Naked Security, and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client."
"It is not just a simple virus scanning product. It handles more advanced needs."
"The threat analysis center is nice."
"The initial setup is simple."
"It provides a feature for scanning and analyzing endpoints, which is a value-add for our infrastructure. With the advancements in the Advanced Persistent Threats (APTs), Sophos Intercept X analyzes an APT and the behavior of the endpoints. It then gives us a detailed dashboard with more information about the endpoints and their security and risk level. While deploying Sophos Intercept X, we identified a lot of vulnerability and risky endpoints that our previous solution didn't cover, which proved that this solution is the best."
"The biggest improvement has been knowing that something unauthorized isn't going to get installed on anyone’s machines."
"The most valuable feature is probably the ability to block programs from running. ThreatLocker has some built-in features that make it super easy. You can also contact their support within the program. If you're having issues, you can click on that button and connect with someone in five to 10 seconds."
"Feature-wise, the learning mode and the fact that it's blocking everything are the most valuable. I don't see why more companies don't use the type of product."
"The great thing is that if you get a malicious email and you try to run something, ThreatLocker is not going to let it do anything. It is not going to let anything infect your network."
"Application control, ring-fencing, and storage control are the most important features, followed closely by elevation."
"We use ThreatLocker's Allowlisting to whitelist specific applications and prevent unauthorized software from running."
"ThreatLocker Allowlisting has all of these features integrated into one console, making it effective."
"The interface is clean and well-organized, making it simple to navigate and find what we need."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The solution's installation from a central installation server could be improved because the engineers had a little bit of trouble getting it installed from a central location."
"We'd like to see more one-to-one product presentations for the distribution channels."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"I haven't seen the use of AI in the solution."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""
"In my opinion, there have been significant developments in the product. In my opinion, I don’t have any suggestions as of now, however I can suggest a cost deduction which will be beneficial for all the parties. It will also relieve our budget and benefit our team."
"There is room for improvement in terms of stability and updates."
"The deployment part needs to be improved."
"Sophos needs to create a YouTube channel with educational material for technicians or engineers."
"It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources."
"The price of this solution can be improved."
"We are considering switching from this solution as a result of the closer integration needed between the firewall systems and the EDR."
"The snapshots used in the ThreatLocker University portal are outdated snippets and have not been updated in conjunction with the portal itself."
"Something we have come up against a couple of times is that we have two clients that are software developers. They create software that doesn't have digital signatures and that's not easy to categorize or whitelist with ThreatLocker. We have to go in and make custom rules to allow them to do their work and to be protected from malicious threats."
"More visibility in the built-ins would be nice."
"ThreatLocker could offer more flexible training, like online or offline classes after hours. The fact that they even provide weekly training makes it seem silly to suggest, but some people can't do it during the day, so they want to train after work. They could also start a podcast about issues they see frequently and what requires attention. A podcast would be helpful to keep us all apprised about what's going on and/or offline training for those people who can't train during the week."
"From a reporting perspective, enhancing the ability to customize reports would be beneficial."
"If you have a thousand computers with ThreatLocker agents on them, when you approve or create a new policy saying that Adobe Reader that matches this hashtag and meets certain criteria is allowed to be installed, it applies at the top level or the organization level. It applies to every computer in the company. When you make that new policy and push it out and it goes out and updates all of the clients. Unfortunately, at this time, it does not look like they stagger the push-out."
"The portal can be a little overwhelming at times from an administration point of view. It displays a lot of information, and it's all useful. However, sometimes there is too much on the screen to sift through, especially if you're trying to diagnose a client's problem with a piece of software. Maybe something has stopped working since they updated it, and we need to see if ThreatLocker is blocking a component of that software."
"The reporting could be improved."
Intercept X Endpoint is ranked 3rd in Ransomware Protection with 101 reviews while ThreatLocker Protect is ranked 6th in Ransomware Protection with 13 reviews. Intercept X Endpoint is rated 8.4, while ThreatLocker Protect is rated 9.2. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of ThreatLocker Protect writes "Integration is simple, deployment is straightforward, and extensive well-written documentation is available online". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Trend Micro Apex One, whereas ThreatLocker Protect is most compared with SentinelOne Singularity Complete, Microsoft Defender for Endpoint, CrowdStrike Falcon, Huntress and GravityZone Business Security. See our Intercept X Endpoint vs. ThreatLocker Protect report.
See our list of best ZTNA vendors, best Ransomware Protection vendors, and best Endpoint Protection Platform (EPP) vendors.
We monitor all Ransomware Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.