We performed a comparison between Microsoft Defender For Endpoint and Sophos Intercept X based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos Intercept X comes out on top. While the Microsoft Defender For Endpoint solution is good, it lacks in certain areas that Sophos Intercept X don’t have to worry about. Overall, users of Sophos Intercept X have mainly positive feedback on the product, agreeing that its set of features is excellent.
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The most valuable feature is the analysis, because of the beta structure."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"Ability to get forensics details and also memory exfiltration."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"The threat analysis center is nice."
"The most valuable features of Sophos Intercept X are the minimal configuration needed for the end user and the central view of all the endpoints. There are plenty of tools to control and manage the endpoints. Additionally, there is the capability of connecting the endpoint to the CLI."
"The patches on offer are very helpful."
"The dashboard is user-friendly."
"It is a very scalable solution."
"The initial setup is simple."
"One reason why I have stuck with Sophos is because it grabs it and deals with it, and if it's known malware, it can quarantine it or delete it."
"The product efficiently prevents data leakages."
"It does not make Windows slow, as compared to all of the third part antiviruses."
"The most valuable feature of Microsoft Defender for Endpoint is that it is embedded into the Windows system. Additionally, the performance is good and simple to maintain."
"The investigation aspect is the most useful. It's user friendly and has a good user interface."
"The biggest benefit to Windows Defender is that it is built-in to the operating system by Microsoft."
"Microsoft Defender for Endpoint is free and part of the licensing stack of other Microsoft products."
"Microsoft Defender for Endpoint is beneficial because we are using Microsoft Windows and all the core solutions are made by Microsoft, such as the authentic platform, operating system, and antivirus protection. It is a heterogeneous environment. We had to use third-party solutions before and update everything separately. For example, the policy for antivirus. With Microsoft Defender for Endpoint, when Microsoft Windows receives updates it will update with it. This is one main advantage of this solution."
"For threat-hunting, I'll put some threats in a test scenario. I've downloaded known viruses that are out in the public for testing. They're not really a virus but they've got a signature. Defender for Endpoint will automatically find those, quarantine them for me, and alert me to what it did. It gives me "automated eyes.""
"Microsoft Defender for Endpoint's most valuable feature is its ease of use."
"We find the solution to be a bit expensive."
"Detections could be improved."
"Cannot be used on mobile devices with a secure connection."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The only minor concern is occasional interference with desired programs."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The customer service and support could be improved in regards to response time. It could be faster."
"The solution can be expensive, although we do see the value in it."
"I would like to have a built-in firewall, rather than having to integrate one."
"The initial setup can be difficult if you don't come in with at least some knowledge about the product."
"There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device."
"Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
"It consumes a lot of resources, and something needs to be done for that."
"The tool is not stable on Linux systems."
"Right now, the solution provides some recommendations on the dashboard but we don't have any priorities. It's a mix of all the vulnerabilities and all the security recommendations. I would like to see some priority or categorization of high, medium, and low so that we can fix the high ones first."
"Microsoft Defender in the basic form is not very useful for managing the security environment. The free version is not capable of covering the needs of centralized management, EDR, and behavioral analysis. If you don't have the commercial version, you can't have centralized management and set up the policies and other things. Each client is a standalone installation, which is not useful for security in an enterprise model."
"Notifications are always popping up — I hate that."
"Its interface can be improved a little bit. We would like to have some sort of centralization. It should have something like a central server that is managing all the other clients. There are solutions from Kaspersky or ESET NOD32 that are really doing this kind of thing currently. We would like to see something similar from Microsoft."
"We would like to see more tools for managing on-premises security... Sometimes, we have the tools, like Defender, to manage security in the cloud, but because we are so focused on the cloud, we forget the fact that we need to be sure about the security of the on-premises environment, specifically Active Directory."
"Microsoft Defender could be improved with features more like the McAfee ePO. It would be better if I had a console to get all the information for my endpoints. Maybe this is too much for it, but it would be better if it could handle those non-signature-based malicious codes or viruses."
"Microsoft Defender for Endpoint can improve by making the reporting faster. It takes some time to reflect back to the administration portal of what has been updated. For example, out of 100 Computers, approximately 90 computers received updates, but when you check the administration portal over one or two days, you will only see 75, even though 90 were updated."
"I had some cases a while back and told an agent my issue. When I called the next day, I had to explain everything again to a different person, so I found it annoying to repeat myself all over."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Intercept X Endpoint is rated 8.4, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Intercept X Endpoint is most compared with CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete, Fortinet FortiClient and Trend Micro Apex One, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, SentinelOne Singularity Complete, CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Microsoft Intune. See our Intercept X Endpoint vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.