Compare Carbon Black CB Defense vs. Sophos Intercept X

Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about Carbon Black CB Defense vs. Sophos Intercept X and other solutions. Updated: September 2020.
441,726 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"Its most valuable features are its scalability and advanced threat protection for customers.""I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help.""For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors.""The most valuable features of this solution are the IPS and the integration with ISE.""The simplicity of use is its most valuable feature. You can very clearly see things.""The stability of the solution is perfect. I believe it's the most stable solution on the market right now.""I am really satisfied with the technical support.""It is a very stable program."

More Cisco AMP for Endpoints Pros »

"It actually does some heuristics, and some behavioral analysis.""The most valuable asset is the time-lining capability for any breach activity.""This product has the capability of uploading scripts to the tool and this is a very comprehensive feature.""The data analysis is the most valuable because of the whitelist database. It is different than standard IDS solutions.""The biggest feature out of CarbonBlack is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and it allows us to backtrack and figure out why it actually happened and how it got into the environment.""The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great.""The most valuable feature is that it detects and stops malicious executables.""You can deploy it through the cloud so that even if your stuff is outside of your controlled environment, you are still under control, based on the policies you create. The policies are controlled through the cloud. For example, if I don't allow anyone to do a certain activity or to install a particular app, and a consultant or a partner who is not part of our environment is doing so, it will stop them as well."

More Carbon Black CB Defense Pros »

"We use Sophos Intercept X for Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) in our organization.""It is easy to change the size of its capabilities, i.e. to expand processes or scale the size of users.""We most value the price and interface quality with Sophos Intercept X. We focus on solution quality.""The most valuable feature is the supervisory side of it where we can watch the throughputs, and even the loading of the device, to see how much traffic is happening.""A valuable feature offered by Sophos is called Naked Security, and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client.""It is a practically maintenance free intelligent system that independently protects environments from malicious attacks.""All of the features are very important for anyone who is supporting a large number of computers.""After that, the client switched to Sophos to get the protection they lacked. It either works or it doesn’t and Sophos works."

More Sophos Intercept X Pros »

Cons
"We would like to have an API integration with a SIEM solution, because as far as I know, it currently hasn't yet been released.""I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails.""The solution needs more in-depth analytics.""In the next version of this solution, I would like to see the addition of local authentication.""The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device.""In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened.""The reporting and analytics areas of the solution need to be improved.""I would like more seamless integration."

More Cisco AMP for Endpoints Cons »

"The tech support communicates, but it's just not with movement.""I would personally give the tech support a rating of seven out of ten.""The UI interface needs improvement. The management needs further work in future versions.""Carbon Black needs to do a better job of proving their platform in the industry, and providing a bit more access to do industry testing with real world examples to help prove their platform.""The endpoint machines need improvement.""This solution works well but needs lots of tuning and optimization.""As far as I know, Carbon Defense has nothing that can be installed on mobile devices. It lacks a defense solution for mobile devices, especially mobile tablets. I would like to see support for mobile devices and the pricing should be less than the pricing for a normal workstation.""When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."

More Carbon Black CB Defense Cons »

"They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event.""Technical support can be improved. There could be shared support, i.e. where someone in Egypt can respond.""Sophos needs to create a YouTube channel with educational material for technicians or engineers.""In terms of the site-to-site VPN elements, they tend to concentrate. It's quite simple when there are Meraki devices at both ends of the VPN but if there is another user at one end, on another device, it can be a bit tricky. So they could really simplify that process a bit.""The initial setup was not very user-friendly.""The product defends very well on its own but could possibly use enhancement in giving users more controls.""The price of this solution can be improved.""They might want to offer an MSP model for licensing, to offer the solution as a software as a service."

More Sophos Intercept X Cons »

Pricing and Cost Advice
"The costs of 50 licenses of AMP for three years is around $9,360.""The price is very good.""The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost.""Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc.""In our case, it is a straightforward annual payment through our Enterprise Agreement.""Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection.""There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization.""The Enterprise Agreement is like an all-you-can-eat buffet of Cisco products. In that vein, it was very affordable."

More Cisco AMP for Endpoints Pricing and Cost Advice »

"I am not really involved in the pricing of this product. But, from my understanding, it is OK for us.""Carbon Black might be a touch more expensive than Symantec. They tend to get a premium for their capabilities. They're sort of an industry leader in a lot of areas with the functionality that they provide.""We have branches, we have different companies, but we cannot buy less than 100 licenses. This does not make sense to me... It should be more flexible. I can understand their saying, "Okay, to be a customer you need 100," but to add on to that number it should be something very straightforward. If I need to add five, for example, I shouldn't need to add 100.""The pricing [is] more or less the same as other similar solutions.""It's reasonable in price"

More Carbon Black CB Defense Pricing and Cost Advice »

"We renew the license for one year at $10,000.""The price is pretty good.""When you start going to the EDR technologies and the MTR, it is a little bit expensive. It's a very good technology, and obviously, you're going to pay for it, but the pricing could do a little bit of work.""We were able to eliminate the ransomware using the one-month, full-featured trial license.""Licensing is based on the number of users. They give a discount for editors who are considered as important members. From what I know, Sophos products are not expensive. If you have a license extension, you just need to contact the editor or partner to change the mode of licensing or extend the license to cover more people.""Intercept X for endpoints is around $35 per user per year. The server version is $95 per server per year.""I find the pricing to be a little bit expensive, although it is acceptable, for now."

More Sophos Intercept X Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Endpoint Protection (EPP) for Business solutions are best for your needs.
441,726 professionals have used our research since 2012.
Questions from the Community
Top Answer: The solution's integration capabilities are excellent. It's one of the best features.
Top Answer: Nice to have URL management, password protection of the app, more details of the machine & user running the app.
Top Answer: The primary use case is for endpoint protection. For the larger deployments, we use it for our policy enforcement as… more »
Top Answer: While Carbon Black is great for good detections and incident Response, Crowdstrike is EDR on steroids. It's everything… more »
Top Answer: A short answer: Perhaps the biggest IMO is SentinelOne is the only one of these 3 that does not have to go to the cloud… more »
Top Answer: The triage feature that shows you the whole chain of the malware is useful.
Top Answer: I’m not sure but if you are using Sophos Intercept X I would suggest just adding the Sophos EDR component.
Popular Comparisons
Compared 3% of the time.
Compared 7% of the time.
Also Known As
Bit9, ConferIntercept X
Learn
Cisco
Carbon Black
Sophos
Overview

Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.

CB Defense is an industry-leading next-generation antivirus (NGAV) and endpoint detection and response (EDR) solution. CB Defense is delivered through the CB Predictive Security Cloud, an endpoint protection platform that consolidates security in the cloud using a single agent, console and data set. CB Defense is certified to replace AV and designed to deliver the best endpoint security with the least amount of administrative effort. It protects against the full spectrum of modern cyber attacks, including the ability to detect and prevent both known and unknown attacks. CB Defense leverages the powerful capabilities of the CB Predictive Security Cloud, applying our unique streaming analytics to unfiltered endpoint data in order to predict, detect, prevent, respond to and remediate cyber threats. In addition, CB Defense provides a suite of response and remediation tools, including Live Response, which allows security personnel to perform remote live investigations, intervene with ongoing attacks and instantly remediate endpoint threats. For peace of mind, CB Defense customers can also leverage CB ThreatSight, Carbon Black’s managed threat alert service, to validate alerts and uncover new threats.

Sophos Intercept X stops the widest range of attacks with a unique combination of deep learning malware detection, exploit prevention, anti-ransomware, and more.

Offer
Learn more about Cisco AMP for Endpoints
Learn more about Carbon Black CB Defense
Learn more about Sophos Intercept X
Sample Customers
Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial BankNetflix, Progress Residential, Indeed, Hologic, Gentle Giant, Samsung Research AmericaFlexible Systems
Top Industries
REVIEWERS
Healthcare Company20%
Government13%
Reseller7%
Financial Services Firm7%
VISITORS READING REVIEWS
Computer Software Company26%
Comms Service Provider26%
Government6%
Construction Company4%
REVIEWERS
Construction Company25%
Healthcare Company17%
Security Firm8%
Financial Services Firm8%
VISITORS READING REVIEWS
Computer Software Company35%
Comms Service Provider10%
Government5%
Media Company5%
REVIEWERS
Healthcare Company29%
International Affairs Institute14%
Government14%
Financial Services Firm14%
VISITORS READING REVIEWS
Computer Software Company28%
Comms Service Provider15%
K 12 Educational Company Or School6%
Government5%
Company Size
REVIEWERS
Small Business33%
Midsize Enterprise17%
Large Enterprise50%
VISITORS READING REVIEWS
Small Business22%
Midsize Enterprise26%
Large Enterprise53%
REVIEWERS
Small Business47%
Midsize Enterprise6%
Large Enterprise47%
VISITORS READING REVIEWS
Small Business24%
Midsize Enterprise30%
Large Enterprise46%
REVIEWERS
Small Business52%
Midsize Enterprise39%
Large Enterprise9%
Find out what your peers are saying about Carbon Black CB Defense vs. Sophos Intercept X and other solutions. Updated: September 2020.
441,726 professionals have used our research since 2012.
Carbon Black CB Defense is ranked 8th in Endpoint Protection (EPP) for Business with 10 reviews while Sophos Intercept X is ranked 9th in Endpoint Protection (EPP) for Business with 20 reviews. Carbon Black CB Defense is rated 8.4, while Sophos Intercept X is rated 8.4. The top reviewer of Carbon Black CB Defense writes "Symantec opened our eyes to be able to see what's out there, but then we needed Carbon Black to be able to actively fix it". On the other hand, the top reviewer of Sophos Intercept X writes "Reliable, scalable and very simple to set up". Carbon Black CB Defense is most compared with Carbon Black Cb Response, Microsoft Windows Defender, CrowdStrike Falcon, SentinelOne and Tanium, whereas Sophos Intercept X is most compared with CrowdStrike Falcon, Bitdefender GravityZone Ultra, Microsoft Windows Defender, SentinelOne and Symantec End-user Endpoint Security. See our Carbon Black CB Defense vs. Sophos Intercept X report.
We monitor all Endpoint Protection (EPP) for Business reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.