We performed a comparison between SentinelOne and Sophos Intercept X based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: SentinelOne comes out on top in this comparison due to its easy setup, high performance, attractive price, and impressive ROI.
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"I like that it's stable. It's been stable for a long time, and Microsoft Defender has done a good job there."
"In Microsoft 365 vendor products, monitoring and connectivity across all Microsoft and third-party connectors enable viewing of all activity within those environments."
"The threat intelligence is excellent."
"The attack simulation is excellent; initially, this feature wasn't very robust, but Microsoft improved what we could achieve with it. We can now customize our practice phishing emails and include our company logo, for example. Attack simulation also helps integrate with third-party solutions where applicable and provides an overview of our security architecture through testing. The summary includes areas for improvement in our protection and what steps we need to take to get there."
"The integration with other Microsoft solutions is the most valuable feature."
"It has great stability."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"This is really good because it's applicable to zero-day threats."
"There are products that are technically stronger. However, this product has everything in one solution, which makes it a strong endpoint option."
"The most valuable feature is that it literally works. We have reduced a lot of complaints after switching to Sophos."
"A valuable feature offered by Sophos is called Naked Security, and it entails the control managed by the firewall on the site regarding the desktop client interfacing with our cloud client."
"Sophos Intercept X is a complete endpoint solution."
"The solution protects us."
"The package we use also comes with spam filtering features, which are quite useful."
"It is stable and has a good price. I find it very good."
"Being able to keep track of the endpoints and the data that is available from the endpoints is valuable. We can see the patch levels, whether Windows endpoints are active or inactive, and who is the last user that was logged on. We get a lot of granular information that is valuable even what we are not talking from a security standpoint."
"SentinelOne also provides equal protection across Windows, Linux, and macOS. I have all of them and every flavor of them you could possibly imagine. They've done a great job because I still have a lot of legacy infrastructure to support. It can support legacy environments as well as newer environments, including all the latest OS's... There are cost savings not only on licensing but because I don't have to have different people managing different consoles."
"The AI solution makes it easy for customers to detect and manage policies, as well as documents that help customers manage their platform."
"The best thing SentinelOne has done for us is that it gives us insight into the endpoints. We never had insight into lateral movement threats before. Once a threat known as Qbot gets on the network, it actually spreads throughout sub-networks quickly. SentinelOne has detected that and saved our bacon. We were able to get in there and stop the threat, lock it down, and prevent it from actually spreading through. It would have been 50 or 60 computers. It had spread through in a few minutes. We have a lot of HIPAA data and FERPA data that we need to keep protected."
"I am particularly interested in the new app vulnerability module that is included with the Singularity Complete edition."
"The most valuable feature is that it just unintrusively works in the background to carry out the protection."
"The most valuable features are asset tracking, patching, endpoint tagging, and policy updates."
"The visibility component is the most valuable feature."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"The price should be adjustable by region."
"Microsoft Defender XDR is not a full-fledged EDR or XDR."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"Intercept X needs more reporting and device management features, so I can get messages from PCs that let me know if I need to do something with them."
"As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."
"It has a performance hit on a local laptop. There's an agent installed and we are bothered a lot by it because it seems to be using a lot of computer resources."
"The deployment part needs to be improved."
"It could be a bit easier to implement."
"The integration has room for improvement, especially with Mac OS."
"The security is good but the feature set is limited."
"We would like more application control in order to be able to schedule times and access."
"DLP support would be a good addition."
"Managing the alerts is a challenge. Singularity generates a lot of alerts and false positives."
"This solution would be more attractive to customers if the price were lower."
"SentinelOne's performance and the accuracy of its incident filtering could be improved."
"I would like to have the same features such as ransomware that are available on the cloud version of SentinelOne also made available for the on-prem version because a lot of people in our region are not ready for cloud solutions."
"In terms of improvement, I would like to see better alerting to let us know if there is anything wrong with SentinelOne working on the endpoint of the computer."
"When comparing SentinelOne to CrowdStrike, I find that CrowdStrike has more comprehensive vulnerability assessment tools."
"They should train their own people so that they can train us better. The theory is good."
More SentinelOne Singularity Complete Pricing and Cost Advice →
Intercept X Endpoint is ranked 7th in Endpoint Protection Platform (EPP) with 101 reviews while SentinelOne Singularity Complete is ranked 2nd in Endpoint Protection Platform (EPP) with 177 reviews. Intercept X Endpoint is rated 8.4, while SentinelOne Singularity Complete is rated 8.8. The top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". On the other hand, the top reviewer of SentinelOne Singularity Complete writes "Provides peace of mind and is good at ingesting data and correlating". Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, Fortinet FortiClient and Fortinet FortiEDR, whereas SentinelOne Singularity Complete is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, ThreatLocker Protect and Cortex XDR by Palo Alto Networks. See our Intercept X Endpoint vs. SentinelOne Singularity Complete report.
See our list of best Endpoint Protection Platform (EPP) vendors, best Extended Detection and Response (XDR) vendors, and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.