We performed a comparison between CrowdStrike Falcon and Sophos Intercept X based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, the two products are very similar. CrowdStrike Falcon comes out ahead in this comparison simply because it is easier to deploy than Sophos Intercept X.
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"The integration with other Microsoft solutions is the most valuable feature."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"Microsoft Defender XDR is scalable."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"Its most significant advantage lies in its affordability."
"It has definitely minimized resources. When everything was on-prem, there was a lot more work maintaining it. One of the big value tickets: I don't have lists of hundreds of exceptions for certain applications that I have to maintain, add, delete, and move. The very nature of the product has lessened my workload considerably."
"The detection is very reliable. Also, OverWatch is a great feature."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"The stability is very good."
"Enables us to understand what processes are running on the system, what registry keys have been enabled."
"As an EDR tool, we can integrate log management and event management. The solution deals with threats automatically, that's the advantage."
"We haven't had any infections or down time."
"There's almost no maintenance required. It's very low if there's any at all."
"We find the app control and its threat protection to be the best features."
"Malware protection and application blocking are absolutely great. The DLP and malware features are very helpful. It is also very user-friendly, reliable, and scalable. It is easy to set up. We are also happy with its price and support."
"This is really good because it's applicable to zero-day threats."
"The most valuable feature is the anti-ransomware capability. It's been helpful because we have been seeing a lot of information around what the ransomware hit."
"The pricing is fair. It's not too costly for our small organization."
"A valuable feature offered by Sophos is called Naked Security, and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client."
"The solution's initial setup process was straightforward."
"This solution is easy to configure."
"The console is missing some features that would be helpful for a managed services provider, like device and user management."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"The licensing is a nightmare and has room for improvement."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"They need to strengthen the forensic capabilities of this product, for e-discovery."
"This solution is relatively expensive."
"Basically, they don't cover legacy OS or applications. That's the only issue we're concerned about."
"CrowdStrike Falcon could improve by adding manual scanning or serverless scanning. It is not available at this time."
"Tighter integration around XDR could be included."
"CrowdStrike should add support for ransomware protection."
"I would also like to see the endpoint firewall component produce some level of logging and feedback."
"The technical support could improve because I am in India and the support I receive is from the UK or Australia. It is difficult to manage the time difference. The service could be faster. However, when we do have the support they are knowledgeable."
"The after sales service and support could be improved."
"In terms of the site-to-site VPN elements, they tend to concentrate. It's quite simple when there are Meraki devices at both ends of the VPN but if there is another user at one end, on another device, it can be a bit tricky. So they could really simplify that process a bit."
"It would be beneficial if you could expand support for Windows 7 and Windows Server 2008 without charging an additional fee."
"Deployment on cloud needs to be carried out manually."
"Through Sophos Central I would like to see the ability to zero in and produce a report about the challenges being faced by a particular machine and user, to know if a virus is appearing only on that specific machine or also on others."
"The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""
"I recommend that Intercept X Endpoint should include a patch assessment feature. Various vendors offer virtual patching solutions, which could be a game-changer, especially for the financial sector where frequent service restarts are challenging. These solutions allow patching servers without the need for restarts. Incorporating these features into Intercept X Endpoint would enhance its effectiveness in securing endpoints and servers."
"It consumes a lot of resources, and something needs to be done for that."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 105 reviews while Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews. CrowdStrike Falcon is rated 8.8, while Intercept X Endpoint is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete, Fortinet FortiClient and Fortinet FortiEDR.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.