We compared Microsoft Defender for Endpoint and Sophos Intercept X based on our users’ reviews in four categories. Our conclusion, drawn from all of the collected data, follows below.
Comparison Results: Based on the parameters we compared, Sophos Intercept X comes out on top. While the Microsoft Defender for Endpoint solution is good, it falls short in certain areas where Sophos Intercept X does not. Overall, users of Sophos Intercept X give mainly positive feedback on the product, agreeing that its set of features is excellent.
"The stability is very good."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"It is stable and scalable."
"Fortinet is very user-friendly for customers."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Ability to get forensics details and also memory exfiltration."
"The price is low and quite competitive with others."
"Intercept X helps with internal alerts, application access, and triggering support teams."
"Technical support is responsive and adept."
"I consider the heuristics to be most valuable, the fact that the solution does not work solely on signatures."
"Ransomware protection is the most valuable feature of this solution."
"Intercept X's smart prevention is very good, as are its machine learning capabilities for troubleshooting channels and files."
"Solution for endpoint detection and response, with good stability and scalability. Users also benefit from email protection and data loss prevention."
"It does its job — it protects us from viruses. We don't really interact with it very much."
"One of the best use cases involves synchronized security staff, which allows us to manage both the firewall and the anti-virus features from the cloud."
"The biggest benefit to Windows Defender is that it is built-in to the operating system by Microsoft."
"The performance of Microsoft Defender for Endpoint has been good."
"It captures data through machine learning, which is built-in on the back-end. It also provides built-in analytics and a threat intelligence feature. It is a one-stop solution that doesn't require an antivirus because it comes prebuilt into Windows 10."
"The most valuable features are that it is flexible, and it is integrated with Microsoft products."
"I like the simplicity of the portal and the integration with Microsoft Intune. Microsoft Defender for Endpoint is easy to use and implement."
"We have very good visibility on our endpoints. The level of information it throws back is helpful."
"The performance of Microsoft Defender for Endpoint has been a valuable feature."
"We have liked the fact that it comes with Microsoft Windows 10 and it is constantly updated with all new virus definitions. It is also updated with new security features on a regular basis."
"The dashboard isn't easy to access and manage."
"It takes about two business days for initial support, which is too slow in urgent situations."
"Cannot be used on mobile devices with a secure connection."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions."
"The solution is not stable."
"We find the solution to be a bit expensive."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"The solution should address emerging threats like SQL injection."
"They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention."
"It's a bit heavy on the computers. So once you install it, the computer slows down. It is a resource-intensive solution."
"There is room for improvement in terms of stability and updates."
"The detection and the AI capabilities should be improved upon."
"It should offer better security updates."
"I am not very satisfied with the product's reporting overall, and it needs improvement in this area."
"It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources."
"The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, 'Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?'"
"I think Microsoft needs to improve some of the security aspects of Defender. The email part, in particular, needs to be improved in terms of security effectiveness."
"It is currently more suitable for end-users rather than enterprises with lots of other processes and third-party tools. It needs improvement on that front. We had many issues while integrating it with our enterprise solutions, such as Splunk, and third-party tools. It provides everything via APIs. Other vendors provide integration with third-party tools, but Microsoft doesn't do that. It is also logging too much and is not serialized from the process aspect. It has all the data, but it is not in a proper format or not properly indexed, which doesn't make it easier for enterprises to use this data. Other vendors provide troubleshooting information that can be used to troubleshoot issues, but Microsoft doesn't provide anything like that."
"From an audit point of view, our auditors would like to have more reports on how things are used, if things go wrong, and how they went wrong. For example, if something got a warning, 'Why?' So, we would like more versatility for tracing and reporting. That would improve the product, as long as the user interface doesn't get bogged down."
"Microsoft Defender for Endpoint could provide us with a more holistic approach, such as collaboration. They can provide us with an environment from where we can manage all the endpoints from one central location, such as overall management."
"I would like to see the next generation of the tool improved to work with other operating systems, like Linux."
"Cortex... has good investigation capabilities, out-of-the-box, in case there is an event that you'd like to investigate. It's quite convenient. Microsoft has those capabilities as well, but you need a bit more training on the product to get the basic information that you can get out-of-the-box with Cortex."
"I wish they would extend the use of the Security Central portal, even for the free option of Defender. Because, as companies grow, it is labor intensive to manage the AV and detection part of it. For companies already subscribed to Office 365, I think this would be a good enhancement."
"It's not quite a mature solution just yet. It needs more time to grow and develop."
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Intercept X Endpoint is rated 8.4, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Intercept X Endpoint is most compared with CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete, Fortinet FortiClient and Trend Micro Apex One, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, SentinelOne Singularity Complete, CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Microsoft Intune. See our Intercept X Endpoint vs. Microsoft Defender for Endpoint report.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.