Sophos Intercept X and ThreatLocker are contenders in the endpoint protection space. Sophos Intercept X prevails in threat detection due to advanced machine learning, while ThreatLocker is stronger in application control with a zero-trust model.
Features: Sophos Intercept X provides advanced machine learning for threat detection, centralized management, and anti-malware capabilities. It includes tools like EDR, forensics, and synchronized security integration. ThreatLocker focuses on granular application control, ring-fencing, and implements a zero-trust model, which is highly praised for its flexibility and proactive threat blocking.
Room for Improvement: Sophos Intercept X can enhance user management features, improve on-premise offerings, and better integrate with third-party solutions. Its technical support and performance on older hardware are also noted for needing improvement. ThreatLocker could improve its user interface, offer better training flexibility, and optimize network update distribution. Integration with PSA systems and improved mobile support are additional areas for enhancement.
Ease of Deployment and Customer Service: Sophos Intercept X offers deployment across public, private, and hybrid clouds. It receives mixed reviews on technical support, with some users suggesting a need for improved response times. ThreatLocker, while also receiving mixed feedback on support, is generally praised for a solid customer service experience. Some users recommend further improvement in training materials and support availability.
Pricing and ROI: Sophos Intercept X is considered reasonably priced for its capabilities, although some view it as expensive. Licensing options are flexible with annual and multi-year arrangements. ThreatLocker is seen as cost-effective and well-priced for its features, allowing integration across clients. Both solutions are strategic investments with positive impacts on organizational ROI, though direct measurement varies based on several factors.
If something were to happen without ThreatLocker, the cost would be huge, and thus, having it is definitely worth it.
The main return on investment is peace of mind, knowing that with ThreatLocker on any endpoint, it will almost always block all malicious code or exploits, even zero-day exploits.
It keeps malware, Trojans, and ransomware at bay.
Technical support from Sophos is rated as nine out of ten, which represents high quality.
There are issues with onboarding technical engineers to resolve problems, which causes delays.
When you are in real deep trouble, you just want to get out of it; you don't need so many jargons.
They have been very responsive, helpful, and knowledgeable.
I would rate their customer support a ten out of ten.
Their support is world-class.
The tool's scalability is good, and I would rate it an eight out of ten.
I started off with just the servers, and within a month and a half, I set up the entire company with ThreatLocker.
It seems to primarily operate on the endpoints rather than at a central location pushing out policies.
I would rate it a ten out of ten for scalability.
In terms of stability, I would rate Intercept X Endpoint an eight out of ten.
To improve Intercept X Endpoint performance, upgrades in RAM and other system features are needed.
For five years, we have not had a problem.
Once deployed, it downloads the policies locally, so even if the computer doesn't have internet, it doesn't matter.
It has been very stable, reliable, and accessible.
There should be a profile where I can see what files Sophos is scanning.
Intercept X Endpoint's anti-ransomware capabilities failed us during a bad attack, and just because of our own backup policies, we could restore our normal operations.
Intercept X Endpoint sometimes slows down machines due to high CPU utilization and significant RAM consumption during scanning.
Controlling the cloud environment, not just endpoints, is crucial.
This is problematic when immediate attention is needed.
Comprehensive 24-hour log monitoring is a valuable enhancement for both business and enterprise-level users.
The pricing of Intercept X Endpoint is a bit high.
I would describe it as economical, but not much cheaper than other solutions.
We pay for Sophos on a product by product basis, whatever we buy, whatever we use.
After conversations with other partners, it became clear we underpriced it initially, which caused most of our issues.
We are moving towards the Unified solution, where they basically bundle everything together, providing us better stability with the ability to bring in new product offerings without having to go back to the customer and say, 'This is going to cost you.'
I had a really good deal at the time, and it continues to be cost-effective.
The stronger the AI/ML in an endpoint, the better the protection against unknown threats.
Intercept X Endpoint is the only endpoint security product I know that provides content filtering and application controls.
Intercept X Endpoint has been stable, and I appreciate the centralized management and the reporting feature.
ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications has been excellent.
It protects our customers.
The major benefit is fewer breaches overall, as nothing can be run without prior approval. This helps my company protect its data and secure itself effectively.
| Product | Market Share (%) |
|---|---|
| ThreatLocker Zero Trust Endpoint Protection Platform | 1.0% |
| Intercept X Endpoint | 1.5% |
| Other | 97.5% |
| Company Size | Count |
|---|---|
| Small Business | 72 |
| Midsize Enterprise | 22 |
| Large Enterprise | 22 |
| Company Size | Count |
|---|---|
| Small Business | 32 |
| Midsize Enterprise | 4 |
| Large Enterprise | 3 |
Sophos Intercept X Endpoint is a comprehensive cybersecurity solution that combines the power of artificial intelligence (AI) with Sophos' deep expertise in cybersecurity to provide unmatched protection against sophisticated cyber threats, including ransomware, malware, exploits, and zero-day vulnerabilities. Sophos Intercept X Endpoint stands out for its innovative approach to endpoint security, leveraging advanced technologies and expert services to provide comprehensive protection. Its focus on prevention, detection, and response, combined with ease of use and scalability, makes it a preferred choice for organizations looking to strengthen their cybersecurity defenses.
Harness the Power of a Deep Learning Neural Network
Achieve unmatched endpoint threat prevention. Intercept X uses deep learning, an advanced form of machine learning to detect both known and unknown malware without relying on signatures.
Deep learning makes Intercept X smarter, more scalable, and more effective against never-seen-before threats. Intercept X leverages deep learning to outperform endpoint security solutions that use traditional machine learning or signature-based detection alone.
Stop Ransomware in Its Tracks
Block ransomware attacks before they wreak havoc on your organization. Intercept X with XDR includes anti-ransomware technology that detects malicious encryption processes and shuts them down before they can spread across your network. It prevents both file-based and master boot record ransomware.
Any files that were encrypted are rolled back to a safe state, meaning your employees can continue working uninterrupted, with minimal impact to business continuity. You get detailed post-cleanup information, so you can see where the threat got in, what it touched, and when it was blocked.
Intelligent Endpoint Detection and Response (EDR)
The first EDR designed for security analysts and IT administrators
Intercept X Advanced with EDR allows you to ask any question about what has happened in the past, and what is happening now on your endpoints. Hunt threats to detect active adversaries, or leverage for IT operations to maintain IT security hygiene. When an issue is found remotely respond with precision. By starting with the strongest protection, Intercept X stops breaches before they start. It cuts down the number of items to investigate and saves you time.
Extended Detection and Response (XDR)
Intercept X Advanced with XDR is the industry’s only XDR solution that synchronizes native endpoint, server, firewall, email, cloud and O365 security. Get a holistic view of your organization’s environment with the richest data set and deep analysis for threat detection, investigation and response for both dedicated SOC teams and IT admins.
Managed Detection and Response
ThreatLocker Zero Trust Endpoint Protection Platform offers robust endpoint security through application control and allowlisting, safeguarding servers and workstations from unauthorized software execution.
ThreatLocker Zero Trust Endpoint Protection Platform provides extensive application control with features like ring-fencing and selective elevation, ensuring meticulous execution management. Offering learning mode and extensive support, it integrates threat detection and activity monitoring to enhance compliance, reduce costs, and bolster cybersecurity through alerts and approvals. Despite its strengths, there are areas for improvement in training flexibility, policy updates, and interface enhancements, along with challenges in handling non-digitally signed software. Deployed across environments, it works well with existing cybersecurity instruments for real-time threat prevention.
What are the top features of ThreatLocker?ThreatLocker Zero Trust Endpoint Protection Platform is widely implemented to safeguard IT infrastructures against unauthorized access and application use. In sectors where data security is paramount, this platform enables users to prevent unauthorized software installations and control device applications, ensuring real-time threat prevention and compliance with industry regulations.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
