We performed a comparison between SentinelOne and Sophos Intercept X based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: SentinelOne comes out on top in this comparison due to its easy setup, high performance, attractive price, and impressive ROI.
"The integration with other Microsoft solutions is the most valuable feature."
"I have found the ability to delete unwanted threats beneficial."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"We are able to consolidate licences and make use of many Microsoft products using this solution. If we have any Microsoft customers, we encourage them to use this solution for enterprise defence."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"Its most significant advantage lies in its affordability."
"This product integrates well with Sophos firewalls and should be seriously considered by Sophos Firewall clients."
"The thing that I like about it is the synchronized security. You can tie endpoint protection and firewalls and a whole range of other services and products. You can get your servers taken in under this."
"It is a very scalable solution."
"The package we use also comes with spam filtering features, which are quite useful."
"The most valuable feature is the behavioral, non-signature-based threat detection."
"The product efficiently prevents data leakages."
"I appreciate the ability to use the latest endpoint protection features in case of an infection or cyber threat. This is especially true when using the product with a Sophos firewall solution, like the XG series. They collaborate effectively in the event of a cyber threat."
"We find all features valuable. It has zero-day protection, which is the most valuable feature of Intercept X. We have Intercept X with EDR. EDR is a very important feature. It gives an idea about the source of a particular attack. An administrator gets to know everything, which helps in understanding the things that need to be done or protected in the organization. Based on this information, an administrator can decide what needs to open or allowed in the network. Without EDR, Intercept X is like an antivirus, and the administrator won't get to know the things going on at the organizational level. I recommend purchasing an EDR solution for every organization."
"The tool's most valuable feature is Vigilance Respond Pro monitoring. You don't have to have a dedicated SOC and worry about staffing."
"The most valuable features include the agent installation and update processes."
"It's quite scalable."
"I have found the most valuable feature to be the rapid threat detection."
"The product can scale as needed."
"The best feature of SentinelOne Singularity Complete is that you don't need to configure a lot with it because it provides an unmatched layer of protection out of the box."
"It gives you good visibility of any threats or vulnerabilities that you might have on your network."
"The offline protection offered by SentinelOne Singularity Complete for my devices is valuable."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"There could be a way to proactively monitor unusual activity ."
"Advanced attacks could use an improvement."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"There is no common area where we can manage all the policies for the EDR, third-party solutions, devices, servers, Windows, Mac, etc., but it's on the road map, and we ware waiting for that feature."
"The logs could be better."
"It consumes a lot of resources, and something needs to be done for that."
"The security is good but the feature set is limited."
"The endpoint detection and response (EDR) technology has room for improvement because the information that it gives us to resolve our problems is poor nowadays."
"The performance is very slow and should be faster."
"I would like to have a built-in firewall, rather than having to integrate one."
"Technical support can be improved. There could be shared support, i.e. where someone in Egypt can respond."
"There is some issue with the reporting and refreshing information on resources that have been eliminated."
"When we load Intercept X, it puts a load on the device. When it is scanning, it slows down the device. A system with basic specifications completely slows down till the scan is complete. They should improve this part."
"I would like to improve the reports because they are not so customizable and we would like more info from them."
"SentinelOne needs to improve its endpoint deployment process."
"The UI appears to be flat, and I wish to have the ability to customize it with features and buttons that are tailored to our needs."
"They can improve the administrative interface. They can make it more user-friendly."
"The solution does not have an application security and control module."
"The SentinelOne portal is not user-friendly, which is one of its drawbacks."
"Something we are looking forward to is the ability of the SentinelOne backend to ingest data from other sources. Now that they are moving to the Singularity data lake, we are looking forward to being able to query data that is not just collected by SentinelOne endpoint agents. We are looking forward to being able to query against all data that we are ingesting into that backend."
"SentinelOne can improve by having better integration with Active Directory."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. Intercept X Endpoint is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, Fortinet FortiClient and Fortinet FortiEDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Cortex XDR by Palo Alto Networks. See our Intercept X Endpoint vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Endpoint Protection Platform (EPP) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.