We performed a comparison between Microsoft Defender For Endpoint and Sophos Intercept X based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Sophos Intercept X comes out on top. While the Microsoft Defender For Endpoint solution is good, it lacks in certain areas that Sophos Intercept X don’t have to worry about. Overall, users of Sophos Intercept X have mainly positive feedback on the product, agreeing that its set of features is excellent.
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"This is stable and scalable."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"It is stable and scalable."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"I like the way it goes beyond the office space. Being a cloud-based solution makes it very easy to manage your endpoints within the office. In this time of COVID, you can also very effectively manage people who are working from home."
"Malware protection and application blocking are absolutely great. The DLP and malware features are very helpful. It is also very user-friendly, reliable, and scalable. It is easy to set up. We are also happy with its price and support."
"The package we use also comes with spam filtering features, which are quite useful."
"The solution's initial setup process was straightforward."
"The most valuable features of Sophos Intercept X are the minimal configuration needed for the end user and the central view of all the endpoints. There are plenty of tools to control and manage the endpoints. Additionally, there is the capability of connecting the endpoint to the CLI."
"The most valuable feature of Intercept X its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because could go in and get it back."
"The solution is scalable."
"It is easy to interact with, and its cost is also good."
"I've started to test it from the security point of view. There are plenty of features that are interesting, but at this time, the XDR functionality is most valuable. It is endpoint security on steroids."
"The whole bundle of the product, which is similar to other Microsoft products, is valuable. Ten years ago, you had third-party stuff for different things. You had one solution for email archiving and another third-party one for something else. Nowadays, Microsoft Office covers all the stuff that was formerly covered by third-party solutions. It is the same with antivirus. The functionality is just basic. You have the scanning, and then you also have a kind of cloud-based protection and reporting about your environment. With Microsoft Security Center, you have a complete overview of your environment. You know the software inventory, and you have security recommendations. You can not only see that the antivirus is up to date; you can also see where are the vulnerabilities in your system. Microsoft Security Center tells you where you have old, deprecated software and what kind of CVEs are addressed. It's really cool stuff."
"Because it has been integrated with the OS, we get the entire software inventories, and we even get access to the registries. Those are the primary features."
"Microsoft Defender for Endpoint is beneficial because we are using Microsoft Windows and all the core solutions are made by Microsoft, such as the authentic platform, operating system, and antivirus protection. It is a heterogeneous environment. We had to use third-party solutions before and update everything separately. For example, the policy for antivirus. With Microsoft Defender for Endpoint, when Microsoft Windows receives updates it will update with it. This is one main advantage of this solution."
"The primary advantage is that you don't need to install it. It's included in the Windows 10 delivery."
"I find the vulnerability management section of Microsoft Defender for Endpoint to be very useful for organizations."
"The installation is straightforward."
"We like that it has a free version available."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"The SIEM could be improved."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The only minor concern is occasional interference with desired programs."
"It takes about two business days for initial support, which is too slow in urgent situations."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"There is room for improvement in terms of stability and updates."
"As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."
"Through Sophos Central I would like to see the ability to zero in and produce a report about the challenges being faced by a particular machine and user, to know if a virus is appearing only on that specific machine or also on others."
"I have not done it, but integrating it with authenticating the users on the Windows system looks a bit complicated to me. It could be because I don't understand it."
"The deployment part needs to be improved."
"There should be a report including a flowchart or diagram. It will be useful to evaluate the software’s effectiveness."
"The customer service and support could be improved in regards to response time. It could be faster."
"This solution is not in the high ratings on many of the top review sites. This solution has to be near the top for me to continue using it."
"Microsoft Defender for Endpoint could improve by making the reporting better."
"We'd like the stability to be better."
"The file scanning has room for improvement. Many people use macros within their files, so there should be a mechanism that helps us to scan them for malicious payloads."
"Microsoft Defender for Endpoint should include better automation that will make it faster to detect the latest threats happening across the world."
"Microsoft Defender for Endpoint is not as robust, and you cannot customize it much, so that's a challenge."
"I personally haven't experienced any pain points, but some of my coworkers feel that it isn't secure enough."
"We would like to see more tools for managing on-premises security... Sometimes, we have the tools, like Defender, to manage security in the cloud, but because we are so focused on the cloud, we forget the fact that we need to be sure about the security of the on-premises environment, specifically Active Directory."
"Defender is free for one year. Once that year is over, we will switch to Kaspersky."
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Intercept X Endpoint is rated 8.4, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Intercept X Endpoint is most compared with CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete, Fortinet FortiClient and Trend Micro Apex One, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, SentinelOne Singularity Complete, CrowdStrike Falcon, Cortex XDR by Palo Alto Networks and Microsoft Intune. See our Intercept X Endpoint vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.