We performed a comparison between SentinelOne and Sophos Intercept X based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: SentinelOne comes out on top in this comparison due to its easy setup, high performance, attractive price, and impressive ROI.
"The best feature is threat hunting. There are a lot of other features I like, such as the alert mechanism. The chain alert mechanism has a huge impact. It combines all the alerts into one incident and automatically correlates them with AI."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"Microsoft 365 Defender is a good solution and easy to use."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"It is very easy to set up and easy to use. It is also not resource-intensive."
"The deployment is quick. It just depends on the environment and what you may be replacing."
"I like the way it goes beyond the office space. Being a cloud-based solution makes it very easy to manage your endpoints within the office. In this time of COVID, you can also very effectively manage people who are working from home."
"It is easy to change the size of its capabilities, i.e. to expand processes or scale the size of users."
"We have found the pricing to be reasonable."
"The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer."
"There do not seem to be any limitations to the scalability of this product."
"We most value the price and interface quality with Sophos Intercept X. We focus on solution quality."
"The terminating or killing remediation process that they use is top-notch. Pretty much anything that is even remotely malicious gets blocked by it within seconds. That is important for us. We have thousands of endpoints with tens of thousands of users. It is hard to do good security for that many people without some kind of automated detection and response. That is what SentinelOne does for us. It helps us automate that process."
"The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform."
"The management dashboard is the most valuable feature."
"The product can scale."
"I like that SentinelOne doesn't use a lot of system resources or make the system slow. It also performs a full scan quickly—within two hours. It has an easy-to-use end-user GUI."
"Its capacity to prevent new threats."
"The customer support for this solution is good."
"The best feature of SentinelOne Singularity Complete is that you don't need to configure a lot with it because it provides an unmatched layer of protection out of the box."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"The support from Microsoft could improve. There are times I have to wait for a response from a qualified specialist."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"Sophos needs to create a YouTube channel with educational material for technicians or engineers."
"Deployment on cloud needs to be carried out manually."
"Sophos Intercept X doesn't have its own firewall that utilizes the Windows Firewall or intrusion prevention."
"The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""
"It's a bit heavy on the computers. So once you install it, the computer slows down. It is a resource-intensive solution."
"Needs more flexible reporting, particularly for medium to large size companies."
"To be a perfect product, the price would have to be a bit better."
"The solution is expensive, and it could be made cheaper."
"We did use the Ranger functionality. However, there was some scanning going on and it caused a lot of noise, so we had to disable it."
"I am not a fan of the UI and feel it has room for improvement."
"We have had cases where Singularity Complete has caused applications to malfunction."
"I really haven't done enough to really see any improvements."
"There is room for improvement with the management interface. It could be more user friendly."
"We often experience interruptions to our investigations in SentinelOne Singularity Complete."
"The grouping feature needs improvement."
"The solution does not have an application security and control module."
Intercept X Endpoint is ranked 7th in EPP (Endpoint Protection for Business) with 96 reviews while SentinelOne Singularity Complete is ranked 2nd in EPP (Endpoint Protection for Business) with 174 reviews. Intercept X Endpoint is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, Fortinet FortiClient and Trend Micro Apex One, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Check Point Harmony Endpoint.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.