Sophos MDR Reviews

Name: Sophos MDR
Brand: Sophos
Rating: 4.3 (30 reviews)

Vendor: Sophos

4.3 out of 5

30 reviews
100% willing to recommend

152 followers

Post review

What is Sophos MDR?

Threat Notification Isn’t the Solution – It’s a Starting Point
Other managed detection and response (MDR) services simply notify you of attacks or suspicious events. Then it’s up to you to manage things from there.

Get the Sophos MDR Buyer's Guide and find out what your peers are saying about Sophos MDR, IBM Security QRadar, Intercept X Endpoint and more!

Sophos MDR is the #5 ranked solution in top Managed Detection and Response (MDR) solutions. PeerSpot users give Sophos MDR an average rating of 8.6 out of 10. Sophos MDR is most commonly compared to IBM Security QRadar: Sophos MDR vs IBM Security QRadar. Sophos MDR is popular among the small business segment, accounting for 43% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 20% of all views.

Helped 831,369 peers since 2012

Featured reviews

Shaun Gordon

Chief Security Officer at Duxbury

Sophos MDR is a service. MDR is managed detection and response. It's a managed security service. So instead of having an anti-malware, which in Sophos' case would be Intercept X, with MDR, they add human-led threat hunting. It's a managed service. So it's not a product that you sell the client per se. You're selling them a service, which is almost like an SLA, and that includes Cloud MDR. MDR is not a product. It's a service. The reality is that when it comes to the likes of SentinelOne, McAfee, CrowdStrike, ESET, and all the other players out there, they're single-product security companies. CrowdStrike is an anti-malware. That's one thing. ESET, same thing. But if you look at the other vendors, within the appliances, you're looking at Fortinet, Palo Alto, and Checkpoint. They only sell firewalls. That's all they do. When you deal with Sophos, they are the entire product suite. They sell firewalls. They sell Intercept X, which is their anti-malware, Intercept X for Server with anti-malware, email protection with ties into Office 365, and Sophos Plus encryption. All of these security products pull telemetry. So every time somebody hits a firewall, it's called, for argument's sake, that goes into their central data lake. All the firewalls around the world add that information to a data lake. Now, when you're dealing with Sophos, because of their exposure, because they've got so many different products, their data lake is a lot more extensive than competing vendors because they're not relying on one threat factor. They're not relying on one area of expertise. They're a global company. So, I can't compare their telemetry, for instance, to the likes of CrowdStrike. If CrowdStrike has probably started doing appliances, then the users will get that benefit as well. Sophos is the only vendor that does do that. It's like hiring a security team. Sophos do things differently in that they've got more telemetry and more insight into a network because they offer a variety of products. The other part about it is Sophos MDR; the service, unlike other vendors like CrowdStrike, is not limited to their products. If you are running CrowdStrike in your company, for instance, you can get their integration packs, in which case Sophos will manage your CrowdStrike system for you. Whereas with CrowdStrike, it's only CrowdStrike. You are locked into that vendor. So Sophos offers that flexibility. It's a multi-vendor service as opposed to SentinelOne or CrowdStrike, which is a single-vendor service. For instance, if I'm running Sophos, I would like to go with CrowdStrike MDR. I would have to remove my entire security investment, in this case, Sophos, and reinstall CrowdStrike in order to use their service. Sophos doesn't have that problem. If you've got CrowdStrike and you've already invested in CrowdStrike, cool. You stay on CrowdStrike. They will still manage it for you.

Read full review

ManelAlvarez

Director of Cybersecurity at Devoteam Management Consulting

The most important aspect is a EC2 deployment which is a remote deployment done for new customers using Sophos. Approximately ninety-five percent of EC2 deployment is automated, requiring only a review or customization for the customer's needs. Another key feature is the centralized control of updates, allowing for scheduling any interaction with the endpoint. Additionally, the new platform and system operations, along with IOCs, are updated daily. Sophos has a very good policy at good prices. Since I have a local contact with the salespeople, they provide me discounts. It's very stable and competitive. When the customers have budget, they can opt for CrowdStrike. However, when the customers have budget constraints on daily servers, and when the customers prefer to integrate mobile platforms with different technologies, they can use this one technology. Overall, I rate the solution an eight out of ten.

Read full review

Kalyan Chowdhury

Founder at Computech infosysetm

The customer service and support by Sophos are good. We don't have any complaints about that product because they help us 24/7. So, if we have any problem, day or night, and we can't solve it, we contact Sophos' technical team. We try to call the local technical team first, and if that doesn't connect, we go directly to customer support. We don't have any problem. If there's a problem, we can usually resolve it within one or two hours, depending on the issue.

Read full review

Sophos MDR mindshare

As of January 2025, the mindshare of Sophos MDR in the Managed Detection and Response (MDR) category stands at 6.2%, down from 6.6% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Managed Detection and Response (MDR)

PeerAnalyst reports

Type	Title	Date
Category	Managed Detection and Response (MDR)	Jan 23, 2025	Download
Product	Reviews, tips, and advice from real users	Jan 23, 2025	Download
Comparison	Sophos MDR vs CrowdStrike Falcon Complete MDR	Jan 23, 2025	Download
Comparison	Sophos MDR vs Huntress Managed EDR	Jan 23, 2025	Download
Comparison	Sophos MDR vs Arctic Wolf Managed Detection and Response	Jan 23, 2025	Download

Title	Rating	Mindshare	Recommending
IBM Security QRadar	4.0	0.8%	90%	207 interviews Add to research
Intercept X Endpoint	4.2	0.8%	95%	103 interviews Add to research

Valuable Features

Sophos MDR is valued for centralized management, seamless integration with various security tools, threat hunting, and rapid response capabilities. It offers robust endpoint protection and remote control, enhancing cybersecurity with features like Synchronized Security and Data Loss Prevention. Comprehensive insights through analytic tool integration, efficient firewall functions, 24/7 monitoring, scalability, and flexible licensing contribute to its effectiveness, providing high protection against ransomware and enabling clients to maintain strong security practices efficiently.

"The rapid response team acts quickly to relieve customers."
"The automated threat hunting feature and integration capabilities are valuable."
"It provides reliable protection and clear data on its performance metrics, enabling straightforward communication of its capabilities."

Room for Improvement

Sophos MDR requires improvements in communication across different languages and countries. Performance, security, and the integration of multitenancy features need enhancements. Users seek better pricing, stability, and reporting capabilities. There is a need for improved support, training, and automation functions. Integration with mobile device management solutions and better threat intelligence are essential. Users find pricing expensive and seek more vendor flexibility. Enhancing AI capabilities and features like reporting would be beneficial.

"There could be improvement in features like more detailed reporting for the end customer."
"Maybe the reporting needs improvement."
"The service could enhance its scope, particularly in managing firewalls."

ROI

Sophos MDR provides strong ROI by preventing lengthy, unresolved incidents. Organizations see cost savings as it minimizes the need for additional IT staff who may lack incident expertise. It efficiently handles security threats, offering around-the-clock resolution. In Brazil, MDR mitigates staffing costs, enhancing security within their economic context. While some entities need more time to evaluate savings, many recognize the financial benefits of investing in this service.

Pricing

Sophos MDR pricing is user-based and offers subscription plans. While some find it competitively priced, others view it as expensive, rating it between five and nine out of ten. It is cited as cheaper than other solutions like Fortinet or Palo Alto but pricier due to AI integration. Effectiveness in negotiating with sales can lead to better pricing. Its affordability varies by industry and company size, making it more suited for larger enterprises.

"Sophos MDR is less expensive than other products like Fortinet or Palo Alto."
"The tool is too expensive for small companies."
"The product is reasonably priced considering the cybersecurity features."

Popular Use Cases

Sophos MDR is primarily used for network security, firewall management, intrusion detection and prevention, data loss prevention, and 24/7 threat monitoring. Users integrate it with other solutions via Sophos Central for visibility across systems. It's vital for organizations without in-house experts, offering a unified dashboard, SOC engagement, and incident response. Especially beneficial for financial sectors, it provides peace of mind, mitigates threats, and supports SMBs lacking dedicated cybersecurity teams.

Service and Support

Sophos MDR customer service is rated positively by many, with technical support being efficient and available 24/7. Some users note long response times, but most are satisfied. Local distributor collaboration enhances resolution, and regional language support improves experience. While a few suggest improved responsiveness, many rate support good to excellent. Clients appreciate the problem-solving ability and escalation process, often rating support eight out of ten or higher. Overall, support is considered customer-friendly and effective.

Deployment

Sophos MDR's initial setup is often described as easy and straightforward by those using Intercept X on endpoints, enabling swift deployment through Sophos Central. Some report minimal complexity, requiring environment familiarity and proper configurations, with installation times varying from hours to months depending on infrastructure size. Most find it manageable, with setup times ranging from quick deployments in minutes to detailed configurations over days, rating ease from seven to ten out of ten.

Scalability

Sophos MDR is widely praised for its scalability, often rated highly by users. It supports a variety of enterprises, including medium-sized and large organizations, and can easily increase protected devices without needing redeployment. Though scalability is generally not a concern, some users note that integration could improve and costs might be a factor for some businesses. Sophos MDR's cloud-based infrastructure makes scalability achievable and efficient, appealing to diverse businesses seeking growth.

Stability

Sophos MDR exhibits strong stability, with many rating it between eight and ten out of ten. Instances of instability are rare, often related to updates or maintenance, which don't disrupt service. Users have reported occasional update failures but no significant downtime. High stability is attributed to its cloud-based nature and effective threat monitoring. Some note increased RAM usage, but most users experience uninterrupted service, affirming its stability as satisfactory.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Sophos MDR Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

20%

Manufacturing Company

Government

Comms Service Provider

Educational Organization

Financial Services Firm

Construction Company

Retailer

University

Healthcare Company

Non Profit

Wholesaler/Distributor

Real Estate/Law Firm

Performing Arts

Energy/Utilities Company

Hospitality Company

Legal Firm

Insurance Company

Media Company

Transportation Company

Outsourcing Company

Recreational Facilities/Services Company

Engineering Company

Leisure / Travel Company

Aerospace/Defense Firm

Recruiting/Hr Firm

Consumer Goods Company

Compare Sophos MDR with alternative products

Learn more about Sophos MDR

With Sophos MTR, your organization is backed by an elite team of threat hunters and response experts who take targeted actions on your behalf to neutralize even the most sophisticated threats.

Sophos MDR was previously known as Sophos Managed Threat Response.