We performed a comparison between Crowdstrike Falcon and Sophos Intercept X based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, the two products are very similar. Crowdstrike Falcon comes out ahead in this comparison simply because it is easier to deploy than Sophos Intercept X.
"I have found the ability to delete unwanted threats beneficial."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"The most valuable aspect is undoubtedly the exploration capability"
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"The integration with other Microsoft solutions is the most valuable feature."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"The feature that I find to be the most valuable, is being able to look at the system analysis and being able to baseline what is installed on the system."
"The CrowdStrike Falcon agent is very lightweight. Users never complain about their PCs getting stuck and things like that."
"Regarding features, I appreciate its integration capabilities with identity providers...Stability-wise, I rate the solution a ten out of ten."
"It has an extremely low footprint, so it has got minimum impact on the user end points in terms of CPU and memory usage."
"The EDR and XDR features have been most valuable."
"It's given me a level of confidence that my network is secure."
"Easy to use, intelligent, and stable threat detection software."
"At this point what is most valuable is the interface, which is easy to navigate."
"The most valuable feature of Intercept X its ability to stay ahead of the infection. By the time the ransomware spreads to the next machine in line, the data has already been encrypted on that workstation. It didn't matter what the ransomware did because could go in and get it back."
"The most valuable feature is that it literally works. We have reduced a lot of complaints after switching to Sophos."
"It's a good antivirus software and has a lot of features. It now integrates with their on-premises firewall, which is perfect."
"Solution for endpoint detection and response, with good stability and scalability. Users also benefit from email protection and data loss prevention."
"This solution offers very good performance and it has great features."
"It is quite scalable. You can always add more users. I would rate the scalability a nine out of ten."
"The most valuable features are the range and restriction."
"This is really good because it's applicable to zero-day threats."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"Intrusion detection and prevention would be great to have with 365 Defender."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"It would be beneficial to have a more seamless experience with everything consolidated in one place, particularly when dealing with aspects related to the Exchange console."
"The licensing is a nightmare and has room for improvement."
"We sometimes get false positives."
"CrowdStrike should provide better visibility in its reporting. There should be more forensic details about detected threats."
"This solution could be improved with greater scope for admins to make changes to the solution."
"CrowdStrike Falcon could be enhanced by extending its security capabilities to include NDR and XDR."
"If we have a dashboard capability to uninstall agents, I think that would be great."
"In a future release, I would like to see more integrations for data breaches and security features."
"In the future release of CrowdStrike Falcon, they should add a sandbox feature."
"They should provide us with good visibility for everything."
"As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."
"There are not any solutions that are a 10 out of 10. A 10 would be perfect protection with no impact on the performance of the device. This is not the case, there is some impact on the performance of the device."
"The product defends very well on its own but could possibly use enhancement in giving users more controls."
"They should keep doing what they're doing. Both of them have entered the EDR/MDR space, and they're keeping up with their competitors. I have a hard time understanding why their capabilities aren't garnering more attention."
"Intercept X Endpoint is a very heavy solution that consumes a lot of RAM and should be made lighter."
"The solution can be expensive, although we do see the value in it."
"Sophos Intercept X doesn't have its own firewall that utilizes the Windows Firewall or intrusion prevention."
"Needs more flexible reporting, particularly for medium to large size companies."
CrowdStrike Falcon is ranked 3rd in Endpoint Protection Platform (EPP) with 107 reviews while Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews. CrowdStrike Falcon is rated 8.8, while Intercept X Endpoint is rated 8.4. The top reviewer of CrowdStrike Falcon writes "Easy to set up with good behavior-based analysis but needs a single-click recovery option". On the other hand, the top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". CrowdStrike Falcon is most compared with Darktrace, Microsoft Defender for Endpoint, Trend Micro Deep Security, Trend Vision One and SentinelOne Singularity Complete, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete, Fortinet FortiClient and Fortinet FortiEDR. See our CrowdStrike Falcon vs. Intercept X Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Endpoint Detection and Response (EDR) vendors, and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.