Sophos Intercept X Overview
Sophos Intercept X is the #5 ranked solution in our list of EDR tools. It is most often compared to CrowdStrike Falcon.
What is Sophos Intercept X?
Sophos Intercept X stops the widest range of attacks with a unique combination of deep learning malware detection, exploit prevention, anti-ransomware, and more.
Sophos Intercept X is also known as Intercept X.
Sophos Intercept X Buyer's Guide
Download the Sophos Intercept X Buyer's Guide including reviews and more. Updated: December 2020
Sophos Intercept X Customers
Flexible Systems
Pricing Advice
What users are saying about Sophos Intercept X pricing:
- "We were able to eliminate the ransomware using the one-month, full-featured trial license."
Sophos Intercept X Reviews

reviewer1452492
President at a tech vendor with 1-10 employees
Great reporting and good training with a pretty straightforward setup
What is our primary use case?
We primarily use the solution for malware protection.
Pros and Cons
- "The updates and a lot of the day-to-day fiddling that you would have to do with it, can all be done from the cloud so it's easy to manage, and very easy to administer."
- "The number one thing I would like is if their support could be a little faster and it would be a little easier to get a hold of support when you need them."
What other advice do I have?
We're Sophos partners and resellers. We always deploy the latest version of the solution. We deploy the Intercept X Advanced with EDR. All the management is done through the cloud. Then there's a client piece you put on, on-premises. We do the management through the cloud and we put the client piece on the premises. I like a lot of the things that Sophos is doing. They didn't have one this year, however, they have an annual conference, and one of the things they had done, this was right before they got bought by this other company, is they had hired a lot of really top talent. These guys, when…
Mike Parsons
Senior CyberSecurity Architect and Mentor at BlueTeamAssess LLC
Reliable, scalable and very simple to set up
What is our primary use case?
The primary use case is basically having a synchronized perspective on what's going on between endpoints, firewalls, and whatever other types of preventative measures the customer has.
Pros and Cons
- "The thing that I like about it is the synchronized security. You can tie endpoint protection and firewalls and a whole range of other services and products. You can get your servers taken in under this."
- "The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""
What other advice do I have?
We're partners with Sophos. We're a consulting company and we provide some managed services. Sophos products are some that I deploy and manage for my customers. I don't have the EDR or any of the really sophisticated stuff. The client doesn't think that they have a need to go to another level. I don't have EDR or MTR deployed for the customer. I work primarily with small businesses. So sometimes it's kind of hard to get them to invest more than what they feel comfortable doing. Other organizations should give it serious consideration if they are looking for a solution. The price point is not…

Mohamed Y Ahmed
Technical & Pre-Sales Manager at GateLock
Provides dependable, intelligent attack defenses and is easy to manage and work with
What is our primary use case?
We are providing this product and support for it in many sectors like health care, retail, sports, and communication sectors. We are also working with Sophos, but with Sophos Endpoint, not XG, or Sophos UTM. We work with Raya (Contact Center) that provides services here in Egypt (they are also using Sophos 550 XG models).
Pros and Cons
- "It is a practically maintenance free intelligent system that independently protects environments from malicious attacks."
- "The product defends very well on its own but could possibly use enhancement in giving users more controls."
What other advice do I have?
On a scale from one to ten, I would rate Intercept X as a nine out of ten. I don't think I can rate any software security product a ten because nothing in software security is 100%. We are deploying Intercept X on Cloud, not on-premises. The reason for this is because the previous versions of Sophos made the agents different between the anti-virus, endpoint and the Intercept X. Now with the Cloud, Sophos is making one agent for the three technologies — the endpoint, Intercept X, and EDR (Intelligent Endpoint Detection and Response). The three components are in one agent and managed by one…
reviewer1238874
Network Administrator at a tech services company with 51-200 employees
Not just another simple virus-scanning product, but it does not handle removable USB drives well
What is our primary use case?
We use Intercept X Advanced along with Sophos EDR (Enhanced Data Detection and Response). We use it for our servers and clients as advanced protection. It is not just a simple virus scanning product. We use it to work with clients and it is installed on five servers. At this time we have only installed it at one customer site. But we plan to continue to expand.
Pros and Cons
- "It is not just a simple virus scanning product. It handles more advanced needs."
- "This product does not handle USB drives well."
What other advice do I have?
Advice that I would have for people considering using virus scanning is that I, personally, would not use Sophos Endpoints. That is the simplest edition of the Sophos virus protection product line. I would use Intercept X Advanced as the entry-level product as the other, simpler product, is not robust enough to provide acceptable protection for businesses in my estimation. On a scale from one to ten where one is the worst and ten is the best, I would rate Sophos Intercept X as a seven. First, I never give a ten because every product can be improved. Second, I subtract two points because of my…
Charles Golliday
Manager of Information Security at a healthcare company with 201-500 employees
Excelling in this competitive product category with more features than users put to task
What is our primary use case?
The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are probably the biggest areas of the product that we employ. We also make use of web content filtering and application control as well.
Pros and Cons
- "The EDR (Enhanced Data Detection and Response) and the DLP (Data Loss Prevention) components are valuable assets."
- "Scalability is good."
- "Technical support is responsive and adept."
- "There is some issue with the reporting and refreshing information on resources that have been eliminated."
What other advice do I have?
My biggest bit of advice for people taking on Intercept X is to train your staff on all of the functions of that solution. There are a number of solutions within the one product and it is best to know how to use them all and if they apply to your circumstances. The biggest lesson we have learned from using Sophos is that the product can be a bit overwhelming with information and data. That is the situation where your training and your resources come into play. Make sure you have a complete plan to utilize the tool or you will have pieces that are just sitting there and nothing is happening to…
reviewer1364232
IT Manager at a construction company with 201-500 employees
Excellent at capturing malicious threats together with an aggressive next generation firewall
What is our primary use case?
The main use cases of this solution are for protection from ransomware and malware. Although we don't have EDR because of its high cost, we do have the capability to filter the website. Our use case is more about capturing crypto and the like that can encrypt files. I'm a system administrator and we are customers of Sophos.
Pros and Cons
- "Anti-virus captures malicious threats and an aggressive next generation firewall."
- "Deployment on cloud needs to be carried out manually."
What other advice do I have?
This is a good product but it comes at a high price. As a result, I would rate this solution an eight out of 10.
reviewer1418319
IT Infrastructure Consultant at a healthcare company with 201-500 employees
Behavioral-based protection that is user-friendly and easy to deploy
What is our primary use case?
We were recently the target of a ransomware attack and we used this product to clean it from our environment. Our in-place endpoint protection is just signature-based and it was not able to identify which device had passed the malware. I am in charge of monitoring at this time.
Pros and Cons
- "The most valuable feature is the behavioral, non-signature-based threat detection."
- "When there is an event generated by either the firewall or Intercept X, and the originating IP address is the same, these should be merged into a single event rather than two."
What other advice do I have?
Overall, this is a good product that seems to address our concerns and I can recommend it. I would rate this solution a nine out of ten.
Steven Gross
Information Systems Coordinator at an insurance company with 51-200 employees
Good ransomware security with an easy initial setup and good scalability potential
What is our primary use case?
We primarily use the solution as endpoint protection as well as for endpoint detection and response. It's like an EDR. It's basically used to prevent ransomware.
Pros and Cons
- "The initial setup is simple."
- "It's a challenge to do system maintenance work on a notebook. You always have to disable Sophos first."
What other advice do I have?
We're using the latest version of the solution. We've got Sophos Intercept X on the notebook computers along with Kaspersky and then on the servers it's only Sophos EDR, which has both antivirus and Intercept X. All are bundled together. The console's on the cloud and that's just installed on the clients, however, they all communicate with a self-hosted JIRA cloud console. I'd advise those considering the solution to probably just go with the antivirus portion as well. That way, you've got it all under one console. We're juggling two consoles, Kaspersky and Sophos. It would be easier if…