We performed a comparison between SentinelOne and Sophos Intercept X based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: SentinelOne comes out on top in this comparison due to its easy setup, high performance, attractive price, and impressive ROI.
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The integration with other Microsoft solutions is the most valuable feature."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"Its most significant advantage lies in its affordability."
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"I am impressed with the tool's common dashboard feature. The solution is also easy to deploy and manage. Reporting is also easy with the software."
"We most value the price and interface quality with Sophos Intercept X. We focus on solution quality."
"The base product and the anti-malware feature are most valuable."
"A valuable feature offered by Sophos is called Naked Security, and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client."
"This solution can be used with any device, mobiles, desktops, or any appliances."
"The solution is scalable."
"I have found the most valuable feature to be the EDR."
"The most valuable feature of Sophos Intercept X is a web filtering and URL sanity checks. Overall the solution is well balanced with all its features."
"The EDR functionality of the platform is what we use the most. That was the primary reason why we got SentinelOne. That is what we use the most in terms of functionality."
"The initial setup is very straightforward and easy."
"Sentinel One has improved our organization by protecting the environment we are working in."
"It seamlessly integrates with other solutions, providing a high level of compatibility and effectiveness."
"The most valuable aspect, in any scenario, was the rollback feature."
"The tool's most valuable feature is EDR."
"The deep visibility is really important for us. With it, we can really look deep into some of the incidents."
"SentinelOne has improved the overall security posture of the firm without creating a lot of hassle for our end users. Everything is a bit more secure. We think Singularity Complete has helped us reduce our organizational risks."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"Intrusion detection and prevention would be great to have with 365 Defender."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"Stability could be improved by avoiding frequent changes to the interface."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"We are considering switching from this solution as a result of the closer integration needed between the firewall systems and the EDR."
"I'm not clear on what features need improvement. Everything is mostly fine."
"The Data Loss Prevention module can be better. It should also have threat hunting capabilities."
"From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial."
"We would like more application control in order to be able to schedule times and access."
"The performance offered by the product needs improvement."
"Intercept X Endpoint is a very heavy solution that consumes a lot of RAM and should be made lighter."
"The endpoint detection and response (EDR) technology has room for improvement because the information that it gives us to resolve our problems is poor nowadays."
"Managing the alerts is a challenge. Singularity generates a lot of alerts and false positives."
"The solution’s distributed intelligence at the endpoint is pretty effective, but from time to time I see that the agent is not getting the full execution history or command-line parameters. I would estimate the visibility into an endpoint is around 80 percent. There is 20 percent you don't see because, for some reason, the agents don't get all of the information."
"The channel policy has room for improvement."
"They have tiers of support like most companies do. For the first three years, we had the top tier of their support and we would get a response from a technician quickly. We didn't have many things we had to ask of them. They would be very quick. We are now one tier down from that. The SLA for us is no longer within an hour or two. It's within half a day or something like that. As far as if I do ask a question of them, it is a little slower than what it used to be. I understand that we're at a lesser tier, but sometimes it feels like that could be a little better. I have to preface that by specifying that we're no longer paying for their top tier support."
"It seems like they are doing a lot with their automatic updates. They can maybe slow down the actual release cycle to make it easier to deploy the most recent and then do it using the live update. They can continue to work on that because trying to get agent changes through change management platforms and get approvals and testing can be quite difficult."
"SentinelOne's phishing feature could be improved."
"It would be good to see some small tools to test files or hashes that are a potential threat, I know there are already products offering this."
"Using the filters takes a little bit of time to get to used to."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 100 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Protection Platform (EPP) with 176 reviews. Intercept X Endpoint is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, Fortinet FortiClient and Bitdefender GravityZone EDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Wazuh. See our Intercept X Endpoint vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.