We performed a comparison between Intercept X Endpoint and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"I have found the ability to delete unwanted threats beneficial."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"Intercept X helps with internal alerts, application access, and triggering support teams."
"We find all features valuable. It has zero-day protection, which is the most valuable feature of Intercept X. We have Intercept X with EDR. EDR is a very important feature. It gives an idea about the source of a particular attack. An administrator gets to know everything, which helps in understanding the things that need to be done or protected in the organization. Based on this information, an administrator can decide what needs to open or allowed in the network. Without EDR, Intercept X is like an antivirus, and the administrator won't get to know the things going on at the organizational level. I recommend purchasing an EDR solution for every organization."
"The package we use also comes with spam filtering features, which are quite useful."
"The most valuable features are ease of use and the GUI."
"The most valuable features of Sophos Intercept X are the ease of use and the policy options that are simple to understand. Overall, the protection is good."
"The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are valuable assets."
"Everything in Intercept X Endpoints is much centralised which makes it easy for our team to work with. The functions are in a single portal."
"Ransomware protection is the most valuable feature of this solution."
"It has the feature to track an attack back. If there is an incident or an attack occurs, you can get a bird's eye view of that attack. You can see how the attackers came in and how they managed the attack. You can trace an attack. If you are giving a presentation to the management, you can easily show it to them in a live environment how the attackers came, which is amazing."
"I like the workbench. It is a view of all the alerts or problems in your estate. The visibility that it provides to engineers is very useful. It is one thing having lots of alerts. It is another thing to have something to correlate all your alerts into a workbench for you so that you can see what is going on."
"The telemetric report is the most valuable feature."
"The centralized visibility is good."
"The solution is stable."
"The automatic EDR system that notifies us when something is wrong is valuable."
"The most valuable feature is the network protection shield on every server, which isolates attacks and prevents our clients from being affected."
"Scaling is not a problem at all."
"Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"The solution does not offer a unified response and standard data."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"To be a perfect product, the price would have to be a bit better."
"When we load Intercept X, it puts a load on the device. When it is scanning, it slows down the device. A system with basic specifications completely slows down till the scan is complete. They should improve this part."
"Better protection in the endpoint, server, and mobile is needed."
"They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event."
"Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
"The solution is heavy in the usage of resources, you can notice the performance decrease. This should prove in the future."
"There is some issue with the reporting and refreshing information on resources that have been eliminated."
"The tool is not stable on Linux systems."
"Reporting could be a little bit better. They are working on it, and it is getting better."
"I'd like to see alert time reduction so that they show up on the dashboard faster."
"Having more variables within the playbook would be useful. It would allow us to have more refined playbooks for the business. It would allow us to take stronger action through a playbook. It will give us confidence to target a particular area of business where our risk tolerance might be higher or lower. We would like to have more granular playbooks."
"While blocking an IP address restricts access for 30 days, it eventually becomes accessible again."
"The information captured by Trend Vision One needs to be more detailed."
"It is very expensive."
"The solution only supports Windows and Mac. It would be helpful if it could support other OS, such as Linux."
"The centralized dashboard has room for improvement."
Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews. Intercept X Endpoint is rated 8.4, while Trend Vision One is rated 8.6. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Symantec Endpoint Detection and Response. See our Intercept X Endpoint vs. Trend Vision One report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.