We performed a comparison between SentinelOne and Sophos Intercept X based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: SentinelOne comes out on top in this comparison due to its easy setup, high performance, attractive price, and impressive ROI.
"The summarization of emails is a valuable feature."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The most valuable feature of all is the full integration with the rest of the software in the operating system and Office 365, as well as Microsoft SCCM. It is quite easy for us to work with the whole instance of Microsoft products. This integration improves the benefits of the whole suite of products."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"One of the best features of Sophos Intercept is that it repairs without slowing down the system."
"The most valuable feature of Sophos Intercept X is a web filtering and URL sanity checks. Overall the solution is well balanced with all its features."
"The most valuable features of Sophos Intercept X are the minimal configuration needed for the end user and the central view of all the endpoints. There are plenty of tools to control and manage the endpoints. Additionally, there is the capability of connecting the endpoint to the CLI."
"It is one of the best in terms of technicality."
"We most value the price and interface quality with Sophos Intercept X. We focus on solution quality."
"Ransomware protection is the most valuable feature of this solution."
"The threat analysis center is nice."
"The product efficiently prevents data leakages."
"I am particularly interested in the new app vulnerability module that is included with the Singularity Complete edition."
"It seamlessly integrates with other solutions, providing a high level of compatibility and effectiveness."
"It's quite scalable."
"Singularity has the same features as other antivirus products, but it provides an added layer of security and vulnerability protection. It's also light on resources. Singularity doesn't use a lot of CPU or memory."
"The most valuble feature of SentinelOne Singularity Complete is the recovery and zero-day detection."
"Its ability to interact with other third-party tools has been great for us. It can work through APIs and partners and integrate well."
"The Microsoft integrations are most valuable right now."
"Tracking down which devices don't currently have SentinelOne on them is the most valuable feature of the product."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"This solution could be improved if it included features such as those offered by Malwarebytes."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"The price should be adjustable by region."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"The management and automation of the cloud apps have room for improvement."
"The initial setup was not very user-friendly."
"Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
"Better protection in the endpoint, server, and mobile is needed."
"As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."
"Intercept X Endpoint is a very heavy solution that consumes a lot of RAM and should be made lighter."
"It's a bit heavy on the computers. So once you install it, the computer slows down. It is a resource-intensive solution."
"The product defends very well on its own but could possibly use enhancement in giving users more controls."
"Installing Sophos Intercept X was not as straightforward, as we had to ask support and had to work with an integrator, though the process didn't take much time, e.g. it was completed within one hour."
"The agent update is not the most intuitive process, but I understand why they do it. We have a pretty vertical 64-bit environment for Windows. That is pretty much all we have, but we get alerts for things like the new Linux endpoint or things that do not apply to us. That is probably the only thing that I do not like. There may be some way to turn that off so that I do not get endpoint update alerts from platforms that are not applicable to our system, enterprise, or network."
"The solution should include USB blocking for specific machines."
"Singularity Complete needs to improve its ability to granularly select and extract the executable files that I want to run."
"Using the filters takes a little bit of time to get to used to."
"The SentinelOne portal is not user-friendly, which is one of its drawbacks."
"The way Singularity Complete handles blocking external mass storage is annoying because it is so difficult to unblock single endpoints."
"Although the SentinelOne firewall seems to offer potential benefits, in reality, it hasn't proven to be very helpful."
"The application management needs improvements, but I understand that they are working on it. We talked to them a few months ago, and it is something they are trying to get up to speed and fix. This way, we will be able to disable critical apps or vulnerable apps through SentinelOne. We will be able to patch applications or disable applications through the Application Management tab."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Detection and Response (EDR) with 177 reviews. Intercept X Endpoint is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, Fortinet FortiClient and Fortinet FortiEDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Cortex XDR by Palo Alto Networks. See our Intercept X Endpoint vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Detection and Response (EDR) vendors, best Endpoint Protection Platform (EPP) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.