We performed a comparison between SentinelOne and Sophos Intercept X based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: SentinelOne comes out on top in this comparison due to its easy setup, high performance, attractive price, and impressive ROI.
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"Microsoft 365 Defender is a stable solution."
"The ability to hunt that IM data set or the identity data set at the same time is valuable. As incident response professionals, we are very used to EDRs and having device process registry telemetry, but a lot of times, we do not have that identity data right there with us, so we have to go search for it in some other silo. Being able to cross-correlate via both datasets at the same time is something that we can only do in Def"
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"The most valuable feature is probably the aggregation and correlation of the different telemetry points with Defender for Identity, Defender for Endpoint, and Defender for Cloud Apps. All of these various things are part of that portal. We've wanted that single pane of glass for years."
"A valuable feature offered by Sophos is called Naked Security, and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client."
"I consider the heuristics to be most valuable, the fact that the solution does not work solely on signatures."
"What I have found the most valuable about Sophos Intercept X is the ease of use with management administration and the solution's ability to stop exploits and ransomware."
"Intercept X's smart prevention is very good, as are its machine learning capabilities for troubleshooting channels and files."
"The most valuable feature of the solution is that it is less hash-based than competitors."
"It is stable."
"It is very easy to set up and easy to use. It is also not resource-intensive."
"The forensics within the solution are quite good. The ransomware mitigation is also impressive."
"I appreciate that it is easy to review incidents that have been detected by the behavioral AI or the SentinelOne Cloud."
"The user interface, ease of maintenance, and the efficient way to identify the root cause of an incident to see all the factors that contributed to it are the most valuable features."
"The process visualization, automated response, and snapshotting are valuable. The integration and automation possibilities are also valuable."
"We have a preference for their receptor. It's good at finding many EFC files. EFC files could have a virus."
"I have found the activity timeline and threat analysis to be particularly useful."
"SentinelOne's auto-rollback feature is the most valuable."
"The most valuable feature of SentinelOne Singularity Complete is the recovery and zero-day detection."
"SentinelOne has helped us to improve our security by fine-tuning our current use cases and creating new ones."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"The price should be adjustable by region."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"At times, there may be delays in the execution of certain actions and their effects."
"Correctly updated records are the most significant area for improvement. There have been times when we were notified of a required fix; we would carry out the fix and confirm it but still get the same notification a week later. This seems to be a delay in records being updated and leads to false reporting, which is something that needs to be fixed."
"The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them."
"The pricing could be a bit lower to match the normal retail pricing."
"Should include additional integration."
"The product defends very well on its own but could possibly use enhancement in giving users more controls."
"We are not able to merge the sub-estates. If we create multiple sub-estates, there may be instances where a user is in a different sub-estate, and it may not be possible for us to relocate that user from one sub-estate to another through the console. We have to merge them manually, which is not ideal."
"They might want to offer an MSP model for licensing, to offer the solution as a software as a service."
"It would be better if it can automatically generate a report for each and every user so that the users get to know the things that shouldn't be accessed from their PCs. It can have information about malicious and non-malicious sites so users are aware of them, and they don't access malicious websites. Such reports can be generated at the end of the day. We should also be able to get through to their support team quickly. Currently, it takes more than half an hour to get through to a technical person."
"We are considering switching from this solution as a result of the closer integration needed between the firewall systems and the EDR."
"I've had some issues with the specific agents; however, we are moving off of that particular OS that we were having issues with. Other than that, it's been a pretty solid tool."
"One way to improve and get additional benefits would be for SentinelOne to host the updated installer files for us, rather than us having to download and host them ourselves."
"We had some stability issues when we started working with SentinelOne."
"The MDM functionality and maturity still need improvement."
"The solution should include USB blocking for specific machines."
"We have had cases where Singularity Complete has caused applications to malfunction."
"Initially, when we first deployed the solution, it caused some third-party connectivity issues."
"I really haven't done enough to really see any improvements."
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Protection Platform (EPP) with 176 reviews. Intercept X Endpoint is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, Fortinet FortiClient and Fortinet FortiEDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Cortex XDR by Palo Alto Networks.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.