We performed a comparison between Intercept X Endpoint and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The summarization of emails is a valuable feature."
"The integration between all the Defender products is the most valuable feature."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"It's a very scalable tool that can be used in a very small environment or in a very large environment. Everything can be managed from a simple dashboard and can be scaled up or down depending on the customer's environment."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The most valuable aspect is undoubtedly the exploration capability"
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"The solution has very good usability."
"It does its job — it protects us from viruses. We don't really interact with it very much."
"The initial setup is simple."
"We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization."
"The most valuable features are the cloud administration and the strength of the ransomware protection."
"Technical support is responsive and adept."
"I have found the most valuable feature to be the EDR."
"The most valuable features of Intercept X are server lockdown, auto-remediation, and encryption monitoring."
"The zero-day vulnerability is valuable."
"Its detection rate is valuable. It is really an easy product to install and manage. It is quite effective at what it does, and if needed, it can also be co-managed, which means 24 hours and seven days a week monitoring through a SOC."
"For our day-to-day use cases, the correlation and attribution of different alerts are valuable. It is sort of an SIEM, but it is intelligent enough to run the queries and intentionally detect and prioritize attacks for you. At the end of the day, it is different data that you see. It correlates data for you and makes it meaningful. You can see that someone got an email and clicked a link. That link downloaded, for example, malware into the memory of the machine. From there, you can see that they started moving laterally to your environment. I quite like it because it gives visibility, so Workbench is what we use every day"
"It is a stable product. It works very well."
"We had a quick deployment. The solution is easy to set up."
"The telemetric report is the most valuable feature."
"The search features help us try to correlate information and identify any suspicious activity."
"Drilling down further, we can analyze how our users are utilizing their workstations, including the websites they visit."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports."
"The support team is not competent or responsive."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"The product’s DDoS and AI features must be improved."
"From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial."
"When we load Intercept X, it puts a load on the device. When it is scanning, it slows down the device. A system with basic specifications completely slows down till the scan is complete. They should improve this part."
"The tool is not stable on Linux systems."
"Deployment on cloud needs to be carried out manually."
"The product defends very well on its own but could possibly use enhancement in giving users more controls."
"If Sophos Intercept allows users to restrict website access based on specific needs, such as streaming new videos for business purposes, we would prefer to use that."
"There should be a report including a flowchart or diagram. It will be useful to evaluate the software’s effectiveness."
"The price could be lower."
"It would be ideal if they could improve the control of connectivity between sensors."
"I would like to have the capability to export the information we receive from the XDR into Microsoft Excel."
"The solution lacks compatibility with other products. It needs to integrate better with other surrounding solutions."
"The deployment process could be more streamlined over the existing infrastructure, as it was not as easy as we thought."
"The solution could always be made to be more secure."
"A room for improvement is Trend Micro XDR's website. It's a very complicated website since finding the right point one wants to see is difficult."
"We've received some mild complaints that the documentation is sometimes not up to date."
Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews. Intercept X Endpoint is rated 8.4, while Trend Vision One is rated 8.6. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Symantec Endpoint Detection and Response. See our Intercept X Endpoint vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.