We performed a comparison between CrowdStrike Falcon Complete and Sophos MDR based on real PeerSpot user reviews.
Find out in this report how the two Managed Detection and Response (MDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."
"The customization has been the most valuable aspect and was really the reason we ended up selecting Binary Defense. They worked with us to provide exactly the level of support, features, response, and collaboration we needed."
"The biggest aspect for us is that they are able to conform to our environment and utilize our tools. That way, we still maintain ownership of all the data and access to the applications, and we never lose control of the ability to run the solution ourselves if we need to."
"The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."
"The most valuable features are the SIEM and the ticketing function; the latter is very smooth and easy to read and understand. We don't have any issues looking at the ticketing information when we're trying to identify what's going on."
"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."
"The case interface is Binary Defense MDR's most valuable feature."
"Binary Defense has a human service department that provides live monitoring for our systems."
"The stability is great for CrowdStrike Falcon Complete."
"EDR and Next-Generation Antivirus (NGAV) are good features. The Spotlight feature is also good, and it also can detect patching-related vulnerabilities."
"I find the incident management feature valuable because it identifies new types of viruses and sends an alert to the console administrator to check the hardware."
"Its machine learning and AI features are good."
"The most valuable feature of Falcon Complete is that it is a full security operations center (SOC) as well as a SIEM solution, and it is fully managed. Their security teams are working 24/7 and analyzing everything happening on all endpoints. They also take care of the instant response, which includes disconnecting endpoints, taking over the endpoints and fixing them, and ransomware protection. All of these things are most valuable because it is very difficult to get all the resources in-house to do all of that yourself. So, if you can leverage the experience of a global corporation with the best reputation in the market, and it is fully managed, that's the best."
"The solution is easy to deploy and manage."
"Its IOCs alerting mechanism is good. I think it is AI based and categorizes behaviors which are unusual."
"The continuous improvement in detections and response times is valuable. They are more focused on threats that come from the cloud, not only that we see."
"The product's most valuable feature is its ability to view environmental activities."
"The solution is stable."
"There are lots of benefits because it includes real-time network threat detection (RNT), IP spoofing prevention, and a 24/7 support system. There is also protection against ransomware attacks."
"The product’s most valuable features are integration and endpoint protection."
"The most valuable feature is threat hunting."
"There is a feature called XDR Central. With this, Sophos can connect to third-party security solutions."
"It is a scalable solution."
"The product’s most valuable feature is ease of use."
"The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhancements."
"I would like to get more reports from Binary Defense about what they're blocking."
"I would like to see more frequent check-ins with our security status."
"We found a couple of bugs in the user interface."
"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."
"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."
"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."
"I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine."
"The solution needs to have human involvement, they could improve by having more automation where the solution can take the necessary action on time and more accurately."
"There can be an application for the mobile device for the administrator of the platform to have an overview. In less than two minutes, they should be able to see what is going on and take action."
"The logging features aren't robust and the information isn't kept long enough."
"The solution is geared more towards larger organizations, so it can be difficult for organizations with smaller budgets to utilize the solution."
"We have also been using Cisco AMP for Endpoints for three years. We have received multiple detections in Cisco AMP for Endpoints, and we had to take some actions, whereas CrowdStrike has not detected anything critical since it has been implemented. Most of the incidents that it has detected are false positives. They should work on the false-positive issue. When it is implemented throughout the organization, it gets very difficult to check each false positive and investigate what is correct and what is not correct. It requires technical and manual intervention."
"The downside is that if you are using a device offline, not connected to the internet, you will potentially have exposure."
"I would like to see CrowdStrike Falcon Complete XDR integrate more effectively with other technologies."
"CrowdStrike Falcon Complete could improve the threat visibility and have remediated vulnerabilities that they find."
"It could be more secure."
"The technical team for Sophos MDR is not so good since they take a long time, like a week, to provide a solution to a simple case or problem we face in our company."
"It is a bit expensive. It could be cheaper. There are many competitive products in the market, like Kaspersky, McAfee Antivirus, and more."
"Sophos MDR's support and basic training of their devices could be improved."
"Sophos MDR lacks integration with MDM solutions."
"Its technical support could be better."
"Once in a great while, an update fails."
"The solution is expensive for customers."
CrowdStrike Falcon Complete is ranked 1st in Managed Detection and Response (MDR) with 74 reviews while Sophos MDR is ranked 6th in Managed Detection and Response (MDR) with 20 reviews. CrowdStrike Falcon Complete is rated 8.6, while Sophos MDR is rated 8.4. The top reviewer of CrowdStrike Falcon Complete writes "Great next-generation antivirus with breach warranty and good intrusion protection". On the other hand, the top reviewer of Sophos MDR writes "Proactive protection, scalability, and cloud-based efficiency". CrowdStrike Falcon Complete is most compared with Arctic Wolf Managed Detection and Response, Blackpoint Cyber MDR, Secureworks Taegis ManagedXDR, Red Canary MDR and SentinelOne Vigilance, whereas Sophos MDR is most compared with SentinelOne Vigilance, Trend Micro Managed XDR, Arctic Wolf Managed Detection and Response, Bitdefender MDR and Microsoft Defender Experts for Hunting. See our CrowdStrike Falcon Complete vs. Sophos MDR report.
See our list of best Managed Detection and Response (MDR) vendors.
We monitor all Managed Detection and Response (MDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
