Try our new research platform with insights from 80,000+ expert users

CylancePROTECT vs Intercept X Endpoint (Sophos) comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 12, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

BlackBerry Cylance Cybersec...
Ranking in Endpoint Protection Platform (EPP)
19th
Average Rating
8.0
Reviews Sentiment
4.6
Number of Reviews
44
Ranking in other categories
No ranking in other categories
Intercept X Endpoint
Ranking in Endpoint Protection Platform (EPP)
9th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
104
Ranking in other categories
Endpoint Detection and Response (EDR) (8th), ZTNA (9th), Managed Detection and Response (MDR) (8th), Extended Detection and Response (XDR) (10th), Ransomware Protection (4th)
 

Mindshare comparison

As of April 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of BlackBerry Cylance Cybersecurity is 1.1%, down from 1.5% compared to the previous year. The mindshare of Intercept X Endpoint is 1.7%, down from 4.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Sooraj Makkancherrry - PeerSpot reviewer
Doesn't have daily updates, which is important for healthcare IT
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.
Khandokar Rabbi - PeerSpot reviewer
Used for endpoint security, ransomware protection, virus protection, and server security
Intercept X Endpoint is deployed on the cloud in our organization. Previously, we had two ransomware attacks when we were using Kaspersky as an endpoint security. We didn't face any ransomware attacks after using Intercept X Endpoint for endpoint security. Intercept X Endpoint has simplified our malware detection. Since we have already implemented the policies in the cloud, all the malware is automatically detected. The solution also detects and removes new malware that can also come from the cloud AI engine. Integrating Intercept X Endpoint with our current security infrastructure was very easy. In my opinion, Sophos is a better solution because we are using Sophos endpoint security and network security. These two things sync with each other and monitor the packets and network traffic. No other vendor has simultaneous devices to check everything. I would recommend the solution to other users. Overall, I rate the solution an eight out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It provides good insight into the programs, applications, or websites that may need attention."
"Its setup is simple if you have a Windows device; it is executable."
"Two or three years ago when the WannaCry virus struck, the people that were on Cylance were the ones that weren't affected."
"I like the AI and mathematical components that they use."
"The solution is very quick at easily changing the levels of protection for each computer and the server."
"​Centralized dashboard online which can be used for managing a huge product."
"The solution is easy to deploy."
"Specifically for a Windows domain environment, the product can be customized and pushed via GPO or SCCM without issue.​"
"The Managed Detection and Response service provided by Intercept X Endpoint is highly valuable. With a team of 600-700 individuals monitoring systems, they swiftly respond to attacks, either informing us to isolate or directly removing threats. This full MDR service is especially recommended for sectors like finance, where data security is critical. The deep learning technology within Intercept X Endpoint enhances our security posture by analyzing behaviors and algorithms to differentiate between legitimate users and threats, effectively preventing attacks on our network infrastructure."
"Technical support is responsive and adept."
"I like the way it goes beyond the office space. Being a cloud-based solution makes it very easy to manage your endpoints within the office. In this time of COVID, you can also very effectively manage people who are working from home."
"Sophos Intercept X is a very effective solution and its being cloud-based is a benefit. Wherever my users are, I can apply policies to them. In the era of mobility, when users are out of the office or they're in different locations, it doesn't matter."
"I consider the heuristics to be most valuable, the fact that the solution does not work solely on signatures."
"This solution offers very good performance and it has great features."
"It does its job — it protects us from viruses. We don't really interact with it very much."
"One reason why I have stuck with Sophos is because it grabs it and deals with it, and if it's known malware, it can quarantine it or delete it."
 

Cons

"It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus."
"The stability could be improved."
"If they can add more features on top of their Persona feature that would be ideal."
"The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."
"I would like to see a better UI in terms of sifting through more specific data and providing analytics. A little bit more would be nice."
"CylancePROTECT could be improved in its technical support and communication."
"The OPTICS component could be made more user-friendly with respect to giving people more information."
"I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable."
"Through Sophos Central I would like to see the ability to zero in and produce a report about the challenges being faced by a particular machine and user, to know if a virus is appearing only on that specific machine or also on others."
"Technical support is too slow to schedule meetings."
"The majority of our systems are MacBooks and their solution release cycle is slow to endorsing or support the MacBook's latest OS or hardware platform. For example, when Sophos macOS Big Sur version 11 was released, it took them a while to support this version of OS. A similar situation occurred when the MacBook M1 hardware CPU was released. They have not fully supported the native M1 CPU to this day. They need to speed up the solutions release cycle."
"The main real-time scanning takes most of the processing power of my notebook."
"The endpoint detection and response (EDR) technology has room for improvement because the information that it gives us to resolve our problems is poor nowadays."
"We would like to deploy across a variety of machines simultaneously through the network."
"The problem is that if you have a lot of different components going on, each managed under a different umbrella, then you're going to be spending a lot of time hopping back and forth between the different components to see, "Well, I got hit here. What did my firewall see? I got hit in the firewall, the firewall says it allowed that attack in, did it land on anything to compromise any of my endpoints?""
"I am not very satisfied with the product's reporting overall, and it needs improvement in this area."
 

Pricing and Cost Advice

"The initial end-point cost may seem a little high (~$55/device/year) but when you look at the total peace of mind that the solution provides, with no reboots for updates, and negligible performance impact, it is well worth it."
"The product cost is about $5, per user, per month."
"The license price for this solution could be better. It's on the expensive side."
"CylancePROTECT is worth the money, but I'm not sure of its exact price. I can't remember off the top of my head."
"The price is reasonable for us at the moment. I rate the overall solution an eight out of ten."
"The licensing part of the product is too expensive compared to other solutions in the market."
"This cost of the license is approximately $5 USD monthly per user."
"CylancePROTECT's pricing is reasonable, at about €18 per user, per year."
"The solution offers both a three-year license and an annual license. I would rate the product's pricing a one out of ten."
"The pricing is average for software like this, but you can purchase additional services if you wish."
"The price of Sophos Intercept X is competitive."
"It was fairly and reasonably priced."
"The product is moderately priced."
"Price-wise, it is good. Currently, we have a three-year plan."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing ten out of ten."
"On a per-user basis, my company has to pay a certain amount of money."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Manufacturing Company
12%
Government
8%
Financial Services Firm
7%
Computer Software Company
20%
Manufacturing Company
7%
Financial Services Firm
6%
Educational Organization
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Blackberry Protect?
It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessary actions.
What is your experience regarding pricing and costs for Blackberry Protect?
The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.
What needs improvement with Blackberry Protect?
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immedi...
How does Crodwstrike Falcon compare with Sophos Intercept X?
I like that Crowdstrike Falcon allows me to easily correlate data between my firewalls. Its detection and machine learning are very valuable features. Crowdstrike Falcon also successfully prevents ...
What is your experience regarding pricing and costs for Sophos Intercept X?
I would describe it as economical, but not much cheaper than other solutions.
 

Also Known As

Blackberry Protect
Sophos Intercept X
 

Overview

 

Sample Customers

Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit
Flexible Systems
Find out what your peers are saying about BlackBerry Cylance Cybersecurity vs. Intercept X Endpoint and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.