We performed a comparison between Intercept X Endpoint and Sophos MDR based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"One of the main benefits of Binary Defense MDR is the ability to easily meet with their support team to discuss any issues we encounter."
"The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."
"The case interface is Binary Defense MDR's most valuable feature."
"The best part about Binary Defense MDR is that it runs on everything, and they keep an eye on things 24/7."
"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"With Binary Defense, we don't just get an alert, but also a detailed rundown of why they're alerting us on it. They tell us what was executed, or the username, script, or IP. That way, we're not wasting time investigating."
"Very stable solution."
"One of the best features of Sophos Intercept is that it repairs without slowing down the system."
"It is stable and has a good price. I find it very good."
"We most value the price and interface quality with Sophos Intercept X. We focus on solution quality."
"The forensics within the solution are quite good. The ransomware mitigation is also impressive."
"What I have found the most valuable about Sophos Intercept X is the ease of use with management administration and the solution's ability to stop exploits and ransomware."
"It provides a feature for scanning and analyzing endpoints, which is a value-add for our infrastructure. With the advancements in the Advanced Persistent Threats (APTs), Sophos Intercept X analyzes an APT and the behavior of the endpoints. It then gives us a detailed dashboard with more information about the endpoints and their security and risk level. While deploying Sophos Intercept X, we identified a lot of vulnerability and risky endpoints that our previous solution didn't cover, which proved that this solution is the best."
"The initial setup is simple."
"The product’s most valuable feature is rapid response."
"The most valuable feature is the ability to integrate multiple functions into a single dashboard regardless of the vendors being integrated."
"The most valuable feature of the Sophos Managed Threat Response is the central management capabilities and monitoring."
"It is a stable solution...It is a scalable solution."
"Sophos MTR will stop the threat as it is happening. Intercept X, which is a part of it, has the ability to roll back, so the attack is undone. And then the advanced edition of MTR lets me handle the threat by talking on the phone. I don't have to deal with it. I don't have to just go through emails back and forth. We don't have to pay extra for Rapid Response services. If something is happening, they're right on top of it."
"I like Sophos MDR's inbuilt feature for DLP (Data Loss Prevention)."
"The product’s most valuable feature is ease of use."
"The most valuable feature is threat hunting."
"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."
"I would like to get more reports from Binary Defense about what they're blocking."
"The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhancements."
"We found a couple of bugs in the user interface."
"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."
"Binary Defense MDR could be even better with additional features, like automatic scans and file quarantine."
"Mobile device management is a challenging area, and it can be improved. Some areas in the DLP solution can also be improved. It has the DLP capability, but it is not an all-out DLP program. I would like to see them improve the DLP solution in terms of reporting and possibly network monitoring. Currently, they only do the reporting parts of it."
"The technical support is the lone sore-point when dealing with this product."
"The integration has room for improvement, especially with Mac OS."
"Needs more flexible reporting, particularly for medium to large size companies."
"As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."
"Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
"It consumes a lot of resources, and something needs to be done for that."
"It would be better if it can automatically generate a report for each and every user so that the users get to know the things that shouldn't be accessed from their PCs. It can have information about malicious and non-malicious sites so users are aware of them, and they don't access malicious websites. Such reports can be generated at the end of the day. We should also be able to get through to their support team quickly. Currently, it takes more than half an hour to get through to a technical person."
"Multitenancy features of Sophos Managed Threat Response should be improved. You cannot use the solution for multiple clients."
"The only challenge we face with the tool is the pricing. Clients often compare it with other products in the market and try to negotiate prices. This concern has caused some challenges in closing deals. Otherwise, as a product, we have no worries."
"One of the limitations that we have found is with communications and the languages in different countries."
"Endpoint protection is very slow."
"Sophos MDR's support and basic training of their devices could be improved."
"They should improve XDR and threat protection capabilities for zero-day attacks."
"It is a bit expensive. It could be cheaper. There are many competitive products in the market, like Kaspersky, McAfee Antivirus, and more."
"It could be more secure."
Intercept X Endpoint is ranked 9th in Managed Detection and Response (MDR) with 101 reviews while Sophos MDR is ranked 5th in Managed Detection and Response (MDR) with 22 reviews. Intercept X Endpoint is rated 8.4, while Sophos MDR is rated 8.6. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Sophos MDR writes "Proactive protection, scalability, and cloud-based efficiency". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Sophos MDR is most compared with CrowdStrike Falcon Complete, SentinelOne Vigilance, Arctic Wolf Managed Detection and Response, Trend Micro Managed XDR and eSentire. See our Intercept X Endpoint vs. Sophos MDR report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.