• Home
  • Intercept X Endpoint vs. SentinelOne Singularity Complete

Intercept X Endpoint vs SentinelOne Singularity Complete comparison

Cancel
You must select at least 2 products to compare!
Microsoft Logo
Microsoft Defender XDR
Read 80 Microsoft Defender XDR reviews
4,984 views|3,726 comparisons
97% willing to recommend
Sophos Logo
Intercept X Endpoint
Read 101 Intercept X Endpoint reviews
16,133 views|13,575 comparisons
95% willing to recommend
SentinelOne Logo
SentinelOne Singularity Complete
Read 177 SentinelOne Singularity Complete reviews
34,412 views|17,344 comparisons
98% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Intercept X Endpoint vs. SentinelOne Singularity Complete
May 2024
Executive Summary
Updated on Jun 6, 2022

We performed a comparison between SentinelOne and Sophos Intercept X based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Ease of Deployment: SentinelOne reviewers say that the initial setup is straightforward. Some Sophos Intercept X users say that its initial setup is straightforward, but others say that it can be complex.
  • Features: Users of both products are happy with their stability and scalability. SentinelOne users report being very satisfied with its performance, multiple security features, user-interface, and the visibility and security it offers. Several SentinelOne users mention that they would like better reporting features. Sophos Intercept X users say it has good reporting, web filtering, and spam prevention capabilities. but that it consumes a lot of resources.
  • Pricing: Most SentinelOne users feel that the price of the product is fair. Sophos Intercept X received mixed reviews in the pricing category. Some users feel that the price is too high.
  • ROI: SentinelOne users report a significant ROI. Sophos Intercept X reviewers do not mention ROI.
  • Service and Support: Most users of both solutions report being satisfied with the level of the support they receive.

Comparison Results: SentinelOne comes out on top in this comparison due to its easy setup, high performance, attractive price, and impressive ROI.

To learn more, read our detailed Intercept X Endpoint vs. SentinelOne Singularity Complete Report (Updated: May 2024).
Download the complete report
772,649 professionals have used our research since 2012.
Featured Review
Sear Mahmood
It lets us prioritize threats and automate responses, but the threat intelligence could be better
Defender XDR enables us to prioritize threats according to the algorithm or our custom rules. We can prioritize threats and have the option to... Read more →
Anonymous User
Researched SentinelOne Singularity Complete but chose Intercept X Endpoint: Excellent at capturing malicious threats together with an aggressive next generation firewall
Brian Fulmer
Researched Intercept X Endpoint but chose SentinelOne Singularity Complete: The MDR service is convenient for a small team like ours
SentinelOne's managed detection response service Vigilance Respond is convenient for companies like ours with small IT teams. If something happens... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment.""The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR.""Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features.""It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done...""Email protection is the most valuable feature of Microsoft Defender XDR.""It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints.""The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def""The most valuable features are spam filtering, attachment filtering, and antivirus protection."

More Microsoft Defender XDR Pros →

"The dashboard is user-friendly.""It's a good antivirus software and has a lot of features. It now integrates with their on-premises firewall, which is perfect.""It is not just a simple virus scanning product. It handles more advanced needs.""The initial setup is simple.""Machine learning is used to detect the threat and it does so by prioritizing the suspicious activities.""The product is user-friendly.""Intercept X helps with internal alerts, application access, and triggering support teams.""The solution is easy to install."

More Intercept X Endpoint Pros →

"I have found the activity timeline and threat analysis to be particularly useful.""The external drive scanning is great.""The solution is easy to set up.""It seamlessly integrates with other solutions, providing a high level of compatibility and effectiveness.""They provide a map, a process tree, and that is pretty good for analysis.""It is easy to collect and retain logs with SentinelOne.""The most valuable feature of Singularity Complete is the Ranger function.""SentinelOne gives us visibility into various high-level vulnerabilities on every gateway on the network. It helps us prevent vulnerable devices from being compromised. We primarily use Singularity for its EDR functions. We're happy with that."

More SentinelOne Singularity Complete Pros →

Cons
"The web filtering solution needs to be improved because currently, it is very simple.""For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details.""365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot.""There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups.""It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console.""The management and automation of the cloud apps have room for improvement.""Advanced attacks could use an improvement.""Microsoft frequently changes the names of its products, sometimes even renaming entire portals or features."

More Microsoft Defender XDR Cons →

"I am not very satisfied with the product's reporting overall, and it needs improvement in this area.""The main real-time scanning takes most of the processing power of my notebook.""I'm not clear on what features need improvement. Everything is mostly fine.""The performance is very slow and should be faster.""They might want to offer an MSP model for licensing, to offer the solution as a software as a service.""The detection and the AI capabilities should be improved upon.""I would like to see better support for virtual and desktop infrastructures.""We are not able to merge the sub-estates. If we create multiple sub-states and there may be instances where a user is in a different sub-state, it may not be possible for us to relocate that user from one sub-state to another through the console. We have to merge them manually which is not ideal."

More Intercept X Endpoint Cons →

"Having an additional logic layer could improve the solution, mainly because I run multiple systems with different layers. For example, if I'm running a very important server with this agent, and that server gets infected, I may not necessarily be sure that I want to shut it down right away. Maybe I want to isolate some of the connectivity but not do the entire security remediation automatedly or curtail network access type of activity.""The solution’s distributed intelligence at the endpoint is pretty effective, but from time to time I see that the agent is not getting the full execution history or command-line parameters. I would estimate the visibility into an endpoint is around 80 percent. There is 20 percent you don't see because, for some reason, the agents don't get all of the information.""I would like to see a better mobile app so that I could look through my phone at the alerts and not have to go to the website. They should make it a little more mobile-accessible.""The setup process could be improved.""The role-based access is in dire need of improvement. We actually discussed this on a roadmap call and were informed that it was coming, but then it was delayed. It limits the roles that you can have in the platform, and we require several custom roles. We work with a lot of third-parties whom we rely on for some of our IT services. Part of those are an external SOC function where they are over-provisioned in the solution because there isn't anything relevant for the level of work that they do.""It primarily operates on local machines, monitoring processes, and not always providing detailed insights, relying on external information to determine the nature of a file.""The application management needs improvements, but I understand that they are working on it. We talked to them a few months ago, and it is something they are trying to get up to speed and fix. This way, we will be able to disable critical apps or vulnerable apps through SentinelOne. We will be able to patch applications or disable applications through the Application Management tab.""We have had cases where Singularity Complete has caused applications to malfunction."

More SentinelOne Singularity Complete Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."

    • More Microsoft Defender XDR Pricing and Cost Advice →

  • "We renew the license for one year at $10,000."
  • "The price is pretty good."
  • "When you start going to the EDR technologies and the MTR, it is a little bit expensive. It's a very good technology, and obviously, you're going to pay for it, but the pricing could do a little bit of work."
  • "We were able to eliminate the ransomware using the one-month, full-featured trial license."
  • "Licensing is based on the number of users. They give a discount for editors who are considered as important members. From what I know, Sophos products are not expensive. If you have a license extension, you just need to contact the editor or partner to change the mode of licensing or extend the license to cover more people."
  • "Intercept X for endpoints is around $35 per user per year. The server version is $95 per server per year."
  • "I find the pricing to be a little bit expensive, although it is acceptable, for now."
  • "The price of this product should be reduced because it is a little high."

    • More Intercept X Endpoint Pricing and Cost Advice →

  • "The price is competitive, if you compare it with other solutions on the market."
  • "Spend money on the security for the endpoint."
  • "The price for it is very competitive compared to other Next Gen EPP."
  • "The per-seat cost is low, but you have to commit to a certain number of licenses for a year."
  • "The larger count you have, the deeper discount you will receive in your contract."
  • "Our licensing fees are about $5 USD per endpoint, per month."
  • "USD$6 per end point which decreases as end points increase."
  • "Pricing is a bit of a pain point. That's where we have not been able to convince all of our customers to use SentinelOne. The pricing is still on the higher side. It's almost double the price, if not more, of a normal antivirus, such as NOD32, Kaspersky, or Symantec."

    • More SentinelOne Singularity Complete Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
    See Recommendations
    772,649 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Microsoft 365 Defender?
    Top Answer:Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and… more »
    Read all 41 answers   →
    What is your experience regarding pricing and costs for Microsoft 365 Def...
    Top Answer:Microsoft Defender XDR is expensive, especially for the full suite functionality. However, when compared to buying… more »
    Read all 31 answers   →
    What needs improvement with Microsoft 365 Defender?
    Top Answer:Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR. Additionally… more »
    Read all 40 answers   →
    How does Crodwstrike Falcon compare with Sophos Intercept X?
    Top Answer:I like that Crowdstrike Falcon allows me to easily correlate data between my firewalls. Its detection and machine… more »
    What do you like most about Sophos Intercept X?
    Top Answer:It is a very scalable solution.
    Read all 74 answers   →
    What is your experience regarding pricing and costs for Sophos Intercept X?
    Top Answer:The price of the product is okay, in my opinion. The tool's cost per user and per annum basis is around INR 700 to 800.
    Read all 49 answers   →
    Cortex XDR by Palo Alto vs. Sentinel One
    Top Answer:Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks.… more »
    Read all 3 answers   →
    Which is better - SentinelOne or Darktrace?
    Top Answer:Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is… more »
    Read all 7 answers   →
    What do you like most about SentinelOne?
    Top Answer:The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers… more »
    Read all 57 answers   →
    Comparisons
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Sophos Intercept X
    Sentinel Labs, SentinelOne Singularity
    Learn More
    Microsoft
    Sophos
    SentinelOne
    Overview

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Sophos Intercept X Endpoint is a comprehensive cybersecurity solution that combines the power of artificial intelligence (AI) with Sophos' deep expertise in cybersecurity to provide unmatched protection against sophisticated cyber threats, including ransomware, malware, exploits, and zero-day vulnerabilities. Sophos Intercept X Endpoint stands out for its innovative approach to endpoint security, leveraging advanced technologies and expert services to provide comprehensive protection. Its focus on prevention, detection, and response, combined with ease of use and scalability, makes it a preferred choice for organizations looking to strengthen their cybersecurity defenses.

    Harness the Power of a Deep Learning Neural Network

    Achieve unmatched endpoint threat prevention. Intercept X uses deep learning, an advanced form of machine learning to detect both known and unknown malware without relying on signatures.

    Deep learning makes Intercept X smarter, more scalable, and more effective against never-seen-before threats. Intercept X leverages deep learning to outperform endpoint security solutions that use traditional machine learning or signature-based detection alone.

    Stop Ransomware in Its Tracks

    Block ransomware attacks before they wreak havoc on your organization. Intercept X with XDR includes anti-ransomware technology that detects malicious encryption processes and shuts them down before they can spread across your network. It prevents both file-based and master boot record ransomware.

    Any files that were encrypted are rolled back to a safe state, meaning your employees can continue working uninterrupted, with minimal impact to business continuity. You get detailed post-cleanup information, so you can see where the threat got in, what it touched, and when it was blocked.

    Intelligent Endpoint Detection and Response (EDR)

    The first EDR designed for security analysts and IT administrators

    Intercept X Advanced with EDR allows you to ask any question about what has happened in the past, and what is happening now on your endpoints. Hunt threats to detect active adversaries, or leverage for IT operations to maintain IT security hygiene. When an issue is found remotely respond with precision. By starting with the strongest protection, Intercept X stops breaches before they start. It cuts down the number of items to investigate and saves you time.

    • The strongest protection combined with powerful EDR
    • Add expertise, not headcount
    • Built for IT operations and threat hunting

    Extended Detection and Response (XDR)


    Intercept X Advanced with XDR is the industry’s only XDR solution that synchronizes native endpoint, server, firewall, email, cloud and O365 security. Get a holistic view of your organization’s environment with the richest data set and deep analysis for threat detection, investigation and response for both dedicated SOC teams and IT admins.

    • Cross reference indicators of comprise from multiple data sources to quickly identify, pinpoint and neutralize a threat
    • Use ATP and IPS events from the firewall to investigate suspect hosts and identify unprotected devices across your estate
    • Understand office network issues and which application is causing them
    • Identify unmanaged, guest and IoT devices across your organization’s environment

    Managed Detection and Response

    • Threat Hunting - Proactive 24/7 hunting by our elite team of threat analysts. Determine the potential impact and context of threats to your business.
    • Response - Initiates actions to remotely disrupt, contain, and neutralize threats on your behalf to stop even the most sophisticated threats
    • Continuous Improvement - Get actionable advice for addressing the root cause of recurring incidents to stop them for occurring again

    SentinelOne is a leading comprehensive enterprise-level autonomous security solution that is very popular in today’s marketplace. SentinelOne will ensure that today’s aggressive dynamic enterprises are able to defend themselves more rapidly, at any scale, and with improved precision, by providing comprehensive, thorough security across the entire organizational threat surface.

    SentinelOne makes keeping your infrastructure safe and secure easy and affordable. They offer several tiered levels of security and varied payment options. SentinelOne works well with Linux, Windows, and MacOS, and can successfully support legacy infrastructures as well as the newer popular environments, including the latest operating systems. The single pane of glass management will save time and money by reducing manpower and ensuring comprehensive security protection of all your endpoints locally and worldwide.

    SentinelOne offers intensive training and support to meet every organization’s unique business needs.

    SentinelOne's levels of services and support include, but are not limited to:

    SentinelOne GO is a guided 90-day onboarding service to ensure successful deployment and success. It assists with the deployment planning and overview, initial user setup, and product overviews. It provides ongoing training and advisory meetings, ensuring that everything is set up correctly and that your team understands the appropriate protocols to ensure success.

    SentinelOne offers multi-tiered support based on your organizational needs from small business to enterprise, using their Designed Technical Account Management (TAM). They have support for every business level: Standard, Enterprise, and Enterprise Pro. SentinelOne is always available to ensure that you and your organization work together to minimize the risk of downtime and any threat exposure.

    Threat Hunting & Response Services

    Support for threat hunting and response include Watch Tower, Watch Tower Pro, Vigilance Respond, and Vigilance Respond Pro. Each of these services builds on the other, progressively adding features based on your organizational needs.

    Watch Tower: This is the entry-level plan and includes: Active campaign hunting and cyber crime alerts and course correction for potential threats, access to the Monthly Hunting & Intelligence Digest.

    Watch Tower Pro: Includes everything in WatchTower and customized threat hunting for all current & historical threats, unlimited access to Signal Hunting Library of Pre-Built Queries, Incident-Based Triage and Hunting, continuous customer service, followup and reporting, a Security Assessment, and quarterly Cadence meetings.

    Vigilance Respond: Includes all of the features of Watch Tower in addition to a security assessment and Cadence meetings, which are on-demand. Provides the features of Watch Tower Pro in addition to 24x7x365 monitoring, triage, and response.

    Vigilance Respond Pro: Includes all of the features of the above options, including a security assessment and quarterly cadence meeting as well as a complete digital forensic investigation and malware analysis.

    Reviews from Real Users

    Jeff D. who is an Operations Manager at Proton Dealership IT, tells us that "The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."

    "The most valuable feature varies from client to client but having absolute clarity of what happened and the autonomous actions of SentinelOne are what most people find the most assuring." relates Rae J., Director IR and MDR at a tech services company.

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    Flexible Systems
    Havas, Flex, Estee Lauder, McKesson, Norfolk Southern, JetBlue, Norwegian airlines, TGI Friday, AVX, Fim Bank
    Top Industries
    REVIEWERS
    Computer Software Company16%
    Manufacturing Company16%
    Financial Services Firm12%
    Government9%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government8%
    Manufacturing Company8%
    REVIEWERS
    Financial Services Firm14%
    Manufacturing Company14%
    Computer Software Company12%
    Healthcare Company6%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Comms Service Provider7%
    Government7%
    Educational Organization6%
    REVIEWERS
    Manufacturing Company16%
    Computer Software Company11%
    Financial Services Firm9%
    Healthcare Company7%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Manufacturing Company7%
    Government6%
    Financial Services Firm6%
    Company Size
    REVIEWERS
    Small Business40%
    Midsize Enterprise24%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise18%
    Large Enterprise56%
    REVIEWERS
    Small Business63%
    Midsize Enterprise17%
    Large Enterprise20%
    VISITORS READING REVIEWS
    Small Business38%
    Midsize Enterprise20%
    Large Enterprise42%
    REVIEWERS
    Small Business40%
    Midsize Enterprise24%
    Large Enterprise36%
    VISITORS READING REVIEWS
    Small Business35%
    Midsize Enterprise19%
    Large Enterprise46%
    Buyer's Guide
    Intercept X Endpoint vs. SentinelOne Singularity Complete
    May 2024
    Free Report: Intercept X Endpoint vs. SentinelOne Singularity Complete
    Find out what your peers are saying about Intercept X Endpoint vs. SentinelOne Singularity Complete and other solutions. Updated: May 2024.
    DOWNLOAD NOW
    772,649 professionals have used our research since 2012.

    Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. Intercept X Endpoint is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, Fortinet FortiClient and Fortinet FortiEDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, Darktrace, CrowdStrike Falcon, ThreatLocker Protect and Kaspersky Endpoint Detection and Response Optimum. See our Intercept X Endpoint vs. SentinelOne Singularity Complete report.

    See our list of best Endpoint Detection and Response (EDR) vendors, best Endpoint Protection Platform (EPP) vendors, and best Extended Detection and Response (XDR) vendors.

    We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.