We performed a comparison between Intercept X Endpoint and Trend Vision One based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, 'Malware detected.' It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"The best feature is probably the alert generation. When I do a security reset, the other session triggers instantly from the Defender console, and I can work on it. The policies are three times, but they are also ready to install it."
"The EDR features are valuable. By getting the EDR features, we have more control over the device. We have information about events in real-time and more protection against zero-day threats and zero-day vulnerabilities. We can monitor every event or action that a device is going through. We can get an idea if it is something malicious or if we have to take any actions."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"I appreciate the ability to use the latest endpoint protection features in case of an infection or cyber threat. This is especially true when using the product with a Sophos firewall solution, like the XG series. They collaborate effectively in the event of a cyber threat."
"There do not seem to be any limitations to the scalability of this product."
"Synchronization with the firewall is most valuable."
"The performance is good."
"We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization."
"I consider the heuristics to be most valuable, the fact that the solution does not work solely on signatures."
"Intercept X's smart prevention is very good, and so are its machine learning capabilities for troubleshooting channels and files."
"I find the security heartbeat feature with synchronized security very useful. It's a very nice feature that allows you to basically switch off an endpoint. When an endpoint has got a virus or something like that, or it's infected or compromised, you can isolate it from the network, but only if you've got an XG Firewall as well. It also provides ease of use. It is the only antivirus that can recognize 25 out of the 36 ransomware and virus techniques that have been often used in terms of the behavior base using heuristics. It's beautiful, utterly amazing. No other antivirus can do that."
"We can scale the product as needed."
"XDR provided a much more deep view into what is actually happening."
"The automatic EDR system that notifies us when something is wrong is valuable."
"Drilling down further, we can analyze how our users are utilizing their workstations, including the websites they visit."
"It is a stable product. It works very well."
"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."
"For our day-to-day use cases, the correlation and attribution of different alerts are valuable. It is sort of an SIEM, but it is intelligent enough to run the queries and intentionally detect and prioritize attacks for you. At the end of the day, it is different data that you see. It correlates data for you and makes it meaningful. You can see that someone got an email and clicked a link. That link downloaded, for example, malware into the memory of the machine. From there, you can see that they started moving laterally to your environment. I quite like it because it gives visibility, so Workbench is what we use every day."
"VisionOne offers a clear window into the security posture of our endpoints."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The web filtering solution needs to be improved because currently, it is very simple."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"Sometimes, configurations take much longer than expected."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"When there is an event generated by either the firewall or Intercept X, and the originating IP address is the same, these should be merged into a single event rather than two."
"There should be a report including a flowchart or diagram. It will be useful to evaluate the software’s effectiveness."
"I am not very satisfied with the product's reporting overall, and it needs improvement in this area."
"The product defends very well on its own but could possibly use enhancement in giving users more controls."
"We would like to deploy across a variety of machines simultaneously through the network."
"Stability-wise, we had issues with some clients which had to be dealt with manually. The issue was with that installation part."
"To be a perfect product, the price would have to be a bit better."
"From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial."
"In new versions I would like to see better implementation of the reporting features, especially in regards to EDR visibility."
"Having more variables within the playbook would be useful. It would allow us to have more refined playbooks for the business. It would allow us to take stronger action through a playbook. It will give us confidence to target a particular area of business where our risk tolerance might be higher or lower. We would like to have more granular playbooks."
"Vision One's search could be improved. While the platform is very user-friendly, the search feature uses terms that aren't as intuitive."
"The integration with third-party tools and with on-premises Active Directory needs improvement."
"They are planning on adding the Security Playbooks as a complete feature. In the preview mode, it is available; however, it is not released."
"The solution could always be made to be more secure."
"We'd like to see a few more integrations."
"The information captured by Trend Vision One needs to be more detailed."
Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews while Trend Vision One is ranked 5th in Endpoint Detection and Response (EDR) with 43 reviews. Intercept X Endpoint is rated 8.4, while Trend Vision One is rated 8.6. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Symantec Endpoint Detection and Response. See our Intercept X Endpoint vs. Trend Vision One report.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.