Try our new research platform with insights from 80,000+ expert users

Field Effect MDR vs Sophos MDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 3, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Field Effect MDR
Ranking in Managed Detection and Response (MDR)
3rd
Average Rating
9.2
Reviews Sentiment
7.6
Number of Reviews
29
Ranking in other categories
No ranking in other categories
Sophos MDR
Ranking in Managed Detection and Response (MDR)
5th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
30
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Managed Detection and Response (MDR) category, the mindshare of Field Effect MDR is 3.2%, up from 1.9% compared to the previous year. The mindshare of Sophos MDR is 6.1%, down from 6.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Managed Detection and Response (MDR)
 

Featured Reviews

Simon Cutler - PeerSpot reviewer
Helps to manage cybersecurity vulnerabilities, and improve our security team's efficiency and security posture
It would be incredibly valuable to have the Field Effect team handle some of the third-party application patching they're currently identifying. While it's fantastic that they're proactive in this area, the time commitment is significant. Integrating patching into their existing service offering would be a game-changer. I'd love to see a tool that aids sales discovery efforts when we engage new clients. Ideally, this internal tool would scan their network environment to identify potential risks and give us a comprehensive picture of their network infrastructure. This would be a huge asset in informing our sales strategies and showcasing our expertise.
Shaun Gordon - PeerSpot reviewer
Extensive data lake, ease of use is great and you can really get started very quickly
Sophos MDR is a service. MDR is managed detection and response. It's a managed security service. So instead of having an anti-malware, which in Sophos' case would be Intercept X, with MDR, they add human-led threat hunting. It's a managed service. So it's not a product that you sell the client per se. You're selling them a service, which is almost like an SLA, and that includes Cloud MDR. MDR is not a product. It's a service. The reality is that when it comes to the likes of SentinelOne, McAfee, CrowdStrike, ESET, and all the other players out there, they're single-product security companies. CrowdStrike is an anti-malware. That's one thing. ESET, same thing. But if you look at the other vendors, within the appliances, you're looking at Fortinet, Palo Alto, and Checkpoint. They only sell firewalls. That's all they do. When you deal with Sophos, they are the entire product suite. They sell firewalls. They sell Intercept X, which is their anti-malware, Intercept X for Server with anti-malware, email protection with ties into Office 365, and Sophos Plus encryption. All of these security products pull telemetry. So every time somebody hits a firewall, it's called, for argument's sake, that goes into their central data lake. All the firewalls around the world add that information to a data lake. Now, when you're dealing with Sophos, because of their exposure, because they've got so many different products, their data lake is a lot more extensive than competing vendors because they're not relying on one threat factor. They're not relying on one area of expertise. They're a global company. So, I can't compare their telemetry, for instance, to the likes of CrowdStrike. If CrowdStrike has probably started doing appliances, then the users will get that benefit as well. Sophos is the only vendor that does do that. It's like hiring a security team. Sophos do things differently in that they've got more telemetry and more insight into a network because they offer a variety of products. The other part about it is Sophos MDR; the service, unlike other vendors like CrowdStrike, is not limited to their products. If you are running CrowdStrike in your company, for instance, you can get their integration packs, in which case Sophos will manage your CrowdStrike system for you. Whereas with CrowdStrike, it's only CrowdStrike. You are locked into that vendor. So Sophos offers that flexibility. It's a multi-vendor service as opposed to SentinelOne or CrowdStrike, which is a single-vendor service. For instance, if I'm running Sophos, I would like to go with CrowdStrike MDR. I would have to remove my entire security investment, in this case, Sophos, and reinstall CrowdStrike in order to use their service. Sophos doesn't have that problem. If you've got CrowdStrike and you've already invested in CrowdStrike, cool. You stay on CrowdStrike. They will still manage it for you.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The alerts that we get are valuable. It notifies us if there is any attempted access and if there are any areas where we need to create more security for clients. It is stopping anything from happening before there is even an issue."
"Hackers are trying to breach a business when they least expect it - that's often at night, weekends, and holidays. Covalence never sleeps or misses a second of monitoring."
"The most valuable features are AROs, which provide timely notifications for out-of-compliance or out-of-specification detections."
"I like how comprehensive Field Effect Covalence is."
"We are getting visibility over the network, not just for those hosts that have a Field Effect EDR agent but also things like the Internet of Things, guest networks, or rogue devices. We definitely have visibility into all network traffic, which is very cool."
"Direct and easy and quick communication to the Field Effect cybersecurity team experts has led to quick resolution of any problems or alerts."
"The most valuable features are Action Recommendations of Observations, which keep us informed about existing vulnerabilities so we can proactively update our endpoints and those of our customers against potential threats."
"Unlike previous solutions, where we were solely informed of security incidents, Covalence's MDR allows for real-time incident prevention."
"The authentication it offers minimizes the risk of access."
"There are lots of benefits because it includes real-time network threat detection (RNT), IP spoofing prevention, and a 24/7 support system. There is also protection against ransomware attacks."
"The user doesn't need a technician; it offers 24/7 support to identify and manage your infrastructure and take complete care of any technological incidents."
"The most valuable feature is threat hunting."
"The automated threat hunting feature and integration capabilities are valuable."
"It is a stable solution...It is a scalable solution."
"It is a scalable solution."
"The most valuable feature is the ability to integrate multiple functions into a single dashboard regardless of the vendors being integrated."
 

Cons

"It would be greatly beneficial to integrate compliance-related reporting directly into the portal."
"They could use more third-party integrations with other MSP tools."
"It would be incredibly valuable to have the Field Effect team handle some of the third-party application patching they're currently identifying."
"The area where they can make it better is by giving responses to the end-user. For example, when there is an alert to the administrator, I get it. I have to copy and paste everything to everyone... And then I have to follow up with them, and it's a real pain."
"The tagging of ARO closure has room for improvement."
"Because this is a security solution, I would recommend that they extend their support hours, and perhaps for emergencies, even to 24/7 or 24/5."
"Covalence should provide a live view of the endpoint because the endpoint view in the portal is 5 to 15 minutes behind the actual status of the endpoint and its vulnerabilities. When it doesn't update with the actual status, it makes managing those things harder because sometimes something gets updated, and one of those vulnerabilities has gone away, but that doesn't appear in the ARO."
"It would be more effective if it could surgically isolate the specific malicious process instead of deleting the entire machine."
"Support could provide a faster response."
"Its technical support could be better."
"Sophos is not integrating the same console and umbrella with its product."
"The solution's integration should be made easier because it is difficult."
"One of the limitations that we have found is with communications and the languages in different countries."
"The reports should be more comprehensive and easier to organize."
"The technical team for Sophos MDR is not so good since they take a long time, like a week, to provide a solution to a simple case or problem we face in our company."
"Threat intelligence is an area for improvement for MDR."
 

Pricing and Cost Advice

"The licensing model itself is solid, but we're ironing out some inconsistencies in how customer profiles are configured."
"We're currently enrolled in the volume package, which offers tiered pricing based on usage."
"The shift to a per-user pricing model and the introduction of a base price for the on-premises or virtual appliance has been particularly advantageous."
"We were particularly impressed with their pricing model, which charges per user rather than per system."
"It is on the high end, but it is worth it for the service that you get from them."
"Although Covalence is expensive, it provides good value for the price."
"While the contract duration might change, the pricing remains highly attractive."
"A top-tier competitor to Field Effect in Magic Quadrant that we had been using until our switch to Field Effect was a great product, but each capability had an additional charge. We had to license modules separately, and each of those add-ons had to be added onto its own consumption and agreement. It was a nightmare from a billing perspective because we had multiple agreements, and each one had a jagged anniversary or a renewal anniversary. It was a nightmare, whereas Field Effect MDR is one product."
"I would rate the price of Sophos MDR as a nine out of ten, with ten being the most expensive."
"The product is reasonably priced considering the cybersecurity features."
"Sophos MDR is a cheap solution."
"It is an expensive platform."
"The solution is expensive."
"The price falls somewhere in the middle range."
"Sophos MDR is less expensive than other products like Fortinet or Palo Alto."
"The solution has subscription-based pricing plans."
report
Use our free recommendation engine to learn which Managed Detection and Response (MDR) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
54%
Non Profit
4%
Government
4%
Retailer
3%
Computer Software Company
20%
Manufacturing Company
7%
Educational Organization
6%
Government
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Field Effect Covalence?
It is very user-friendly. We have regular reports to see what is going on.
What is your experience regarding pricing and costs for Field Effect Covalence?
In our evaluation, two years ago, we found the Field Effect Covalence product and service to be the simplest to set up and pricing was lower than the other competitors.
What needs improvement with Field Effect Covalence?
The solution could improved DNS filtering and fuller integration into ConnectWise PSA (I understand both are in the works). The current roaming DNS filter doesn't seem to be too complete and we're ...
What do you like most about Sophos MDR?
The user doesn't need a technician; it offers 24/7 support to identify and manage your infrastructure and take complete care of any technological incidents.
What needs improvement with Sophos MDR?
There could be improvement in features like more detailed reporting for the end customer. For example, reports should be in simple language that is easy to read and understand for management level ...
What advice do you have for others considering Sophos MDR?
I would absolutely recommend Sophos MDR to other organizations. It is rated ten out of ten overall, with a deduction of one point only due to the commercial cost. I'd rate the solution nine out of ...
 

Also Known As

Field Effect Covalence
Sophos Managed Threat Response
 

Overview

Find out what your peers are saying about Field Effect MDR vs. Sophos MDR and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.