We performed a comparison between Crowdstrike Falcon and Sophos Intercept X based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, the two products are very similar. Crowdstrike Falcon comes out ahead in this comparison simply because it is easier to deploy than Sophos Intercept X.
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"Among the most valuable features are the alert timeline, the alert story, which is pretty detailed. It gives us complete insight into what exactly happened on the endpoint. It doesn't just say, "Malware detected." It tells us what caused that malware to be detected and how it was detected. It gives us a complete timeline from beginning to end."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"The visibility into threats that 365 Defender provides is really good. You get a full review of your security system and what can be improved. In the Microsoft 365 Defender portal the first page gives you a really big summary of which security policies you are following and what can be improved."
"The common and advanced security policies for threat hunting and blocking attacks are valuable."
"The initial setup is a very fast process."
"It's ability to do threat hunting is really great, quite robust, and even allows you to do hygiene stuff."
"The solution can scale easily."
"The EDR is amazing and ease of integration with Splunk is a big plus. Integration with BigQuery is also a plus for me and workflow creation is easy. Overall, CrowdStrike Falcon is a great product."
"The CS falcon agent is a lightweight agent compared with other agents of EDR products."
"At this point what is most valuable is the interface, which is easy to navigate."
"The EDR and XDR features have been most valuable."
"Their endpoint is pretty flawless. There is no lag on the machines at all. Even though I have a good overview of all the machines, that's pretty much the most valuable feature of CrowdStrike Falcon."
"The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform."
"It is one of the best in terms of technicality."
"Solution for endpoint detection and response, with good stability and scalability. Users also benefit from email protection and data loss prevention."
"One of the best use cases involves synchronized security staff, which allows us to manage both the firewall and the anti-virus features from the cloud."
"The threat analysis center is nice."
"I find the security heartbeat feature with synchronized security very useful. It's a very nice feature that allows you to basically switch off an endpoint. When an endpoint has got a virus or something like that, or it's infected or compromised, you can isolate it from the network, but only if you've got an XG Firewall as well. It also provides ease of use. It is the only antivirus that can recognize 25 out of the 36 ransomware and virus techniques that have been often used in terms of the behavior base using heuristics. It's beautiful, utterly amazing. No other antivirus can do that."
"The client isolation feature is a very effective feature."
"The most valuable feature of Sophos Intercept X is cloud management."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The data recovery and backup could be improved."
"Advanced attacks could use an improvement."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The licensing is a nightmare and has room for improvement."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"The tool gives inconsistent answers and crashes a lot."
"The portal can be clunky to navigate at times and has room for improvement."
"The biggest issue with Falcon as a standalone product is it doesn't have very much reporting."
"The product could be more accurate in terms of performance."
"CrowdStrike costs a little more than its competitors."
"The GUI can use improvement, it's cloud-based so sometimes the interface can be a bit slow. The interface could use a little bit more speed."
"Technical support could be better than what is currently offered."
"In a future release, I would like to see more integrations for data breaches and security features."
"The malware analysis could be improved, as that's what we use the solution for the most and that change would make it a better EDR tool."
"From the management side, we receive detailed information. Sophos has many features, such as Threat Hunting but that comes with the XDR version of the solution. There's Sophos Intercept X and then there's Sophos Intercept X with XDR technology. We bought the XDR and then now the MTR, Managed Threat Response version available too. They have different packages for clients which gives them different options to pick from. If Sophos could combine more features into one package it would be beneficial."
"The graphical interface could improve. Additionally, adding less expensive mobile device support would be helpful. Other solutions have this feature."
"They don't have the full stack of offerings as compared to the other competitive products that we see."
"Integration with firewall solutions could be better."
"I have not done it, but integrating it with authenticating the users on the Windows system looks a bit complicated to me. It could be because I don't understand it."
"The initial setup was not very user-friendly."
"Mobile device management is a challenging area, and it can be improved. Some areas in the DLP solution can also be improved. It has the DLP capability, but it is not an all-out DLP program. I would like to see them improve the DLP solution in terms of reporting and possibly network monitoring. Currently, they only do the reporting parts of it."
"It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources."
Protect your organization from all threats - not just malware - even when computers and servers aren’t connected to the internet. Start your free trial and deploy CrowdStrike Falcon within minutes to start receiving full threat protection.
CrowdStrike Falcon is ranked 3rd in EPP (Endpoint Protection for Business) with 101 reviews while Intercept X Endpoint is ranked 7th in EPP (Endpoint Protection for Business) with 96 reviews. CrowdStrike Falcon is rated 8.6, while Intercept X Endpoint is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, SentinelOne Singularity Complete and Check Point Harmony Endpoint, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete, Fortinet FortiClient and Trend Micro Apex One. See our CrowdStrike Falcon vs. Intercept X Endpoint report.
See our list of best EPP (Endpoint Protection for Business) vendors, best EDR (Endpoint Detection and Response) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.