We just raised a $30M Series A: Read our story

Sophos Managed Threat Response OverviewUNIXBusinessApplication

Sophos Managed Threat Response is #6 ranked solution in MDR Services. IT Central Station users give Sophos Managed Threat Response an average rating of 8 out of 10. Sophos Managed Threat Response is most commonly compared to CrowdStrike Falcon Complete:Sophos Managed Threat Response vs CrowdStrike Falcon Complete. The top industry researching this solution are professionals from a computer software company, accounting for 21% of all views.
What is Sophos Managed Threat Response?

Threat Notification Isn’t the Solution – It’s a Starting Point
Other managed detection and response (MDR) services simply notify you of attacks or suspicious events. Then it’s up to you to manage things from there.

With Sophos MTR, your organization is backed by an elite team of threat hunters and response experts who take targeted actions on your behalf to neutralize even the most sophisticated threats.

Buyer's Guide

Download the Managed Detection and Response (MDR) Buyer's Guide including reviews and more. Updated: November 2021

Sophos Managed Threat Response Video

Pricing Advice

What users are saying about Sophos Managed Threat Response pricing:
  • "The cost of the solution is based on how many users use it."

Sophos Managed Threat Response Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
SK
Sr. Consultant/Partner/Co-Founder at a tech services company with 1-10 employees
Reseller
Stops threats as they happen

Pros and Cons

  • "Sophos MTR will stop the threat as it is happening. Intercept X, which is a part of it, has the ability to roll back, so the attack is undone. And then the advanced edition of MTR lets me handle the threat by talking on the phone. I don't have to deal with it. I don't have to just go through emails back and forth. We don't have to pay extra for Rapid Response services. If something is happening, they're right on top of it."
  • "Once in a great while, an update fails."

What is our primary use case?

We use Sophos MTR for three of our customers, and we're proposing it for a fourth. We sell Sophos Intercept X Advanced with EDR and MTR Advanced. All of this is managed through Sophos Central and just integrated into the endpoint for both workstations and servers, so we see alerts, problems, and cases opened. 

What is most valuable?

Sophos MTR will stop the threat as it is happening. Intercept X, which is a part of it, has the ability to roll back, so the attack is undone. And then the advanced edition of MTR lets me handle the threat by talking on the phone. I don't have to deal with it. I don't have to just go through emails back and forth. We don't have to pay extra for Rapid Response services. If something is happening, they're right on top of it. And there are all the automatic features of the firewall that are interconnected with the endpoints. The firewall has the ability to isolate a compromised workstation and stop it from communicating anywhere on the network. It's called Synchronized Security and we implemented that everywhere we can. The firewall management and the endpoint management are all in the Sophos Central

What needs improvement?

I don't have really anything to offer as far as improvements. With every customer I can, I deploy Intercept X. It works. It protects the workstation. It protects the server. The client doesn't take a big hit in terms of performance on a workstation or server. The deployment is simple.

For how long have I used the solution?

I've been using Sophos MTR since it first became a product, so two or three years now.

What do I think about the stability of the solution?

It's cloud-based, it's a monitoring solution. Nothing MTR does affect the workstation. It's the antivirus scanning agent that is called Sophos Central Intercept X. That's what's on the workstation. Once in a great while, an update fails, but by and large, it's rock solid. We've had no problems with it compared to some of the other products that we're trying to get customers to move away from as renewals fall off. Again, I won't mention the product, but I've got a customer with 900 plus workstations, and I can say for quite a bit of money, she'll just consider changing. But so far she hasn't been able to find the bandwidth to change.

What do I think about the scalability of the solution?

As far as we know, it has unlimited scalability.

How are customer service and technical support?

The MTR tech support has been phenomenal.

How was the initial setup?

The setup is literally nothing as long as you're using Intercept X on the endpoint as well as the Intercept access to Sophos Central Intercept X that is installed and running on each of your workstations servers and workstations. And those are managed from within the Sophos Central Cloud. If you don't have that, then there would be a lot of setup. But if you're already a Sophos Central customer, engaging with MTR is basically just accepting the contract. It's really nothing more than that.

What's my experience with pricing, setup cost, and licensing?

It competes very well with other similar products. One of the Sophos products I put in for a customer was two and a half times less expensive than the competing product. 

What other advice do I have?

I would rate Sophos MTR as a 10 out of 10 based on my experience with customers.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
BH
Network Engineer at a comms service provider with 10,001+ employees
Real User
Seamless integration, remote control access, high overall security protection

Pros and Cons

  • "The most valuable aspect of this solution is the ability to interact with the firewall and workstations seamlessly to shut down the threats. Additionally, you are able to control the workstations remotely."
  • "There is room for improvement in performance and upgrades."

What is our primary use case?

We are using this solution in conjunction with others. We usually put both endpoint detection solutions in some of our desktops and in others, we have the Sophos desktop solution combined with Sophos firewall switches.

What is most valuable?

The most valuable aspect of this solution is the ability to interact with the firewall and workstations seamlessly to shut down the threats. Additionally, you are able to control the workstations remotely. This most robust solution out in the industry today.

There is a high level of protection to prevent both ransomware and malicious software from the exterior of the network, down to the workstations. The workstations are analyzed to prevent threats that come in through network packets, such as in email. You need to keep email secure because a lot of these malicious threats are coming in from email.

Nowadays, a lot of social interactions are through the internet and if somebody giving out passwords or is not keeping up with security best practices they could be vulnerable to attacks.

What needs improvement?

There is room for improvement in performance and upgrades.

For how long have I used the solution?

I have been using the solution for approximately one year.

What do I think about the stability of the solution?

The solution is very stable.

What do I think about the scalability of the solution?

I have found the scalability to be good. We do not have plans to increase usage in the near future.

How are customer service and technical support?

The technical support has been good, we had no problems.

How was the initial setup?

The installation was straightforward and the implementation took approximately three months.

What about the implementation team?

We have a team of three people that do the deployment and maintenance of the solution.

What's my experience with pricing, setup cost, and licensing?

The cost of the solution is based on how many users use it.

What other advice do I have?

My advice to others thinking about implementing this solution is to negotiate for a lower price and it is a benefit to have someone who understands firewalls and their basic implementation.

I would recommend this solution to those who want to have complete security protection.

I rate Sophos Managed Threat Response a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Find out what your peers are saying about Sophos, CrowdStrike, Dell EMC and others in Managed Detection and Response (MDR). Updated: November 2021.
554,873 professionals have used our research since 2012.
DT
Systems Network Administrator at a manufacturing company with 1,001-5,000 employees
Real User
Top 20
Good antivirus and firewall capabilities, and the collaborative support is helpful

Pros and Cons

  • "The most valuable feature is threat hunting."
  • "One of the limitations that we have found is with communications and the languages in different countries."

What is most valuable?

The most valuable feature is threat hunting.

One of the big advantages is that we can collaborate with Sophos' support, and they will show us the problems. 

What needs improvement?

One of the limitations that we have found is with communications and the languages in different countries. In Vietnam, we are okay and it is not a big problem because we have a vendor, who is a Sophos partner.

For how long have I used the solution?

My company has been using Sophos Managed Threat Response for more than two years. It was installed before I joined the company.

What do I think about the scalability of the solution?

We have more than 1,000 users.

How are customer service and technical support?

The technical support is quite good, although sometimes the response time is quite long. Then again, maybe I'm a difficult customer.

Which solution did I use previously and why did I switch?

Prior to this, we used Sophos EDR but after that, we upgraded to the Managed Threat Response. It has additional benefits that we were interested in.

What other advice do I have?

Overall, Sophos is working well in our organization and we plan to continue using it. It is a good product and I recommend it because it is centralized and in my opinion, it is one of the best security products available on the market. It has both antivirus and firewall support. 

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Amir Kasem
Technical manager at a tech services company with 51-200 employees
Reseller
Top 5Leaderboard
Is stable and scalable but could be more secure

What is most valuable?

It is stable and scalable. It has good technical support.

What needs improvement?

It could be more secure.

For how long have I used the solution?

I've been using this solution for one year. It's a cloud-based solution.

What do I think about the stability of the solution?

It is very stable.

What do I think about the scalability of the solution?

It is a scalable solution.

How are customer service and technical support?

Sophos has good technical support.

What other advice do I have?

I have recommended this solution and would rate it at five on a scale from one to ten.

What is most valuable?

It is stable and scalable. It has good technical support.

What needs improvement?

It could be more secure.

For how long have I used the solution?

I've been using this solution for one year. It's a cloud-based solution.

What do I think about the stability of the solution?

It is very stable.

What do I think about the scalability of the solution?

It is a scalable solution.

How are customer service and technical support?

Sophos has good technical support.

What other advice do I have?

I have recommended this solution and would rate it at five on a scale from one to ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate