We performed a comparison between SentinelOne and Sophos Intercept X based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: SentinelOne comes out on top in this comparison due to its easy setup, high performance, attractive price, and impressive ROI.
"Scanning, vulnerability reporting, and the dashboard are the most valuable features."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The threat intelligence is excellent."
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"The integration with other Microsoft solutions is the most valuable feature."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"The most valuable features are the range and restriction."
"It does its job — it protects us from viruses. We don't really interact with it very much."
"Very stable solution."
"The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are valuable assets."
"Malware protection and application blocking are absolutely great. The DLP and malware features are very helpful. It is also very user-friendly, reliable, and scalable. It is easy to set up. We are also happy with its price and support."
"The Managed Detection and Response service provided by Intercept X Endpoint is highly valuable. With a team of 600-700 individuals monitoring systems, they swiftly respond to attacks, either informing us to isolate or directly removing threats. This full MDR service is especially recommended for sectors like finance, where data security is critical. The deep learning technology within Intercept X Endpoint enhances our security posture by analyzing behaviors and algorithms to differentiate between legitimate users and threats, effectively preventing attacks on our network infrastructure."
"It is stable."
"The package we use also comes with spam filtering features, which are quite useful."
"The most valuable features are forensic investigation and ransomware prevention."
"SentinelOne is the next-generation EDR solution."
"For me, the most valuable feature is the Deep Visibility. It gives you the ability to search all actions that were taken on a specific machine, like writing register keys, executing software, opening, reading, and writing files. All that stuff is available from the SentinelOne console. I'm able to see which software is permanent on a machine, and how that happened, whether by registry keys or writing it to a special folder on the machine."
"The most valuable feature varies from client to client but having absolute clarity of what happened and the autonomous actions of SentinelOne are what most people find the most assuring."
"It provides network and asset visibility for us."
"The most valuable aspect of SentinelOne Singularity Complete is the protection it provides."
"The autonomous platform is valuable because we can separate false positives and negatives."
"It's a plug-and-play solution that works well with other out of box integrations that we have."
"The solution does not offer a unified response and standard data."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"The licensing is a nightmare and has room for improvement."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"There could be a way to proactively monitor unusual activity ."
"The support could be more knowledgable to improve their offering."
"Better protection in the endpoint, server, and mobile is needed."
"We've had difficulty with uninstalling the solution. When we try to uninstall an old version of the basic Sophos Antivirus, it doesn't seem to uninstall completely."
"It's a bit heavy on the computers. So once you install it, the computer slows down. It is a resource-intensive solution."
"It could be a bit easier to implement."
"If we can lower the price, it will be fantastic because it will generate more revenue for us."
"We are considering switching from this solution as a result of the closer integration needed between the firewall systems and the EDR."
"This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it."
"Integration with firewall solutions could be better."
"I've had some issues with the specific agents, however, we are moving off of that particular OS that we were having issues with. Other than that, it's been a pretty solid tool."
"One thing I don't like is the exportable report. They're they're not as useful as I'd hoped they would be."
"Interoperability with other SentinelOne solutions and other third-party tools is an area where you can run into some issues. Because of the way the agent works, there are sometimes things that are blocked or prevented from happening that are not identified as a threat, and therefore, not alerted in the console. Sometimes, we do have to dig through the logs, run tests, and adjust the whitelisting or exclusions to make sure that other applications will run properly."
"I would like to have the same features such as ransomware that are available on the cloud version of SentinelOne also made available for the on-prem version because a lot of people in our region are not ready for cloud solutions."
"They have tiers of support like most companies do. For the first three years, we had the top tier of their support and we would get a response from a technician quickly. We didn't have many things we had to ask of them. They would be very quick. We are now one tier down from that. The SLA for us is no longer within an hour or two. It's within half a day or something like that. As far as if I do ask a question of them, it is a little slower than what it used to be. I understand that we're at a lesser tier, but sometimes it feels like that could be a little better. I have to preface that by specifying that we're no longer paying for their top tier support."
"When comparing SentinelOne to CrowdStrike, I find that CrowdStrike has more comprehensive vulnerability assessment tools."
"We are not utilizing all the features available with SentinelOne Singularity Complete, including the built-in XDR and Ranger, due to the substantial associated costs."
"There is not much flexibility in terms of policy fine-tuning. We can turn it off or turn it on, but, there's nothing much else to do. Everything is predefined. It's good in a way, but you don't get much flexibility if you want to do something particular."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Protection Platform (EPP) with 177 reviews. Intercept X Endpoint is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, Fortinet FortiClient and Fortinet FortiEDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Cortex XDR by Palo Alto Networks. See our Intercept X Endpoint vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.