We performed a comparison between SentinelOne and Sophos Intercept X based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: SentinelOne comes out on top in this comparison due to its easy setup, high performance, attractive price, and impressive ROI.
"It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"Microsoft 365 Defender's most valuable feature is the ability to control the shadow IP."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"The solution protects us."
"The solution is scalable."
"Anti-virus captures malicious threats and an aggressive next generation firewall."
"After that, the client switched to Sophos to get the protection they lacked. It either works or it doesn’t and Sophos works."
"The most valuable feature is the supervisory side of it where we can watch the throughputs, and even the loading of the device, to see how much traffic is happening."
"It is an intelligent tool."
"It is stable and has a good price. I find it very good."
"We have found the pricing to be reasonable."
"Another valuable feature is that if a machine is infected, one that may infect other computers within the network, we have the capability of segregating that machine in the network so that it remains connected to the internet but is cut off from the other machines in the network. That helps prevent spreading of the infection. That's a very unique feature, one I have not seen in the last 10 to 15 years from any other antivirus program. That's amazing."
"I am particularly interested in the new app vulnerability module that is included with the Singularity Complete edition."
"Scalable endpoint protection solution that takes seconds to set up per device. It has a rollback feature and offers good technical support."
"Its ability to interact with other third-party tools has been great for us. It can work through APIs and partners and integrate well."
"In terms of the engines that SentinelOne uses, it has stopped various scripts from running and it's highlighted lateral movement that we weren't expecting."
"The single pane of glass is probably the most valuable. That is a big one. We could see everything from one view."
"The tool saves 50% of the staff's time."
"The detection rate for Sentinel One has been excellent and we have been able to resolve many potential threats with zero client impact. The ability to deploy via our RMM allows us to quickly secure new clients and provides peace of mind."
"Advanced attacks could use an improvement."
"A simple dashboard without having to use MS Sentinel would be a welcome improvement."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"The solution does not offer a unified response and standard data."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"We tried to set up Sophos Zero Trust within my Sophos central cloud. It only works with Microsoft and I use Google. I'd like to see Google added."
"The performance offered by the product needs improvement."
"Technical support is too slow to schedule meetings."
"We are considering switching from this solution as a result of the closer integration needed between the firewall systems and the EDR."
"They should work on the logs and events. Sophos Intercept X needs to increase the interface test so that it can export to a live event."
"This product does not handle USB drives well."
"The after sales service and support could be improved."
"The detection and the AI capabilities should be improved upon."
"Singularity Complete needs to improve its ability to granularly select and extract the executable files that I want to run."
"There is not much focus on the on-premise solution as the license cap is so huge for small and medium-sized institutions."
"The anti-ransomware technology takes up a lot of disc space."
"With respect to product patches, it should have the ability to patch directly from SentinelOne, rather than be presented with a list and have to do it separately."
"I would like to see a better mobile app so that I could look through my phone at the alerts and not have to go to the website. They should make it a little more mobile-accessible."
"SentinelOne needs to provide more documentation for administrators and analytics."
"I would have liked the dashboard to be more user-friendly."
"It's good on Linux, and Windows is pretty good except that the Windows agents sometimes ask for a lot of resources on the endpoints. That could be in the fine-tuning for scanning. In Mac, they are complaining about the same problems, that it's using a lot of resources, but that could also be that we have to configure what it is scanning and what it should not scan. Currently it scans everything."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 100 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Protection Platform (EPP) with 176 reviews. Intercept X Endpoint is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, Fortinet FortiClient and Bitdefender GravityZone EDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Wazuh. See our Intercept X Endpoint vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.