We performed a comparison between Elastic Security and Intercept X Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Detection and Response (EDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It gives a lot of flexibility in terms of configuration and customization as per the business requirements."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"Microsoft 365 Defender is a stable solution."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"The 'Incidents and Alerts' tab is a valuable feature where we can find triggered alerts."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"It is scalable."
"It's simple and easy to use."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"The product has huge integration varieties available."
"The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"The scalability is good. It can be scaled easily in the production environment."
"It is the best open-source product for people working in SO, managing and analyzing logs."
"We most value the price and interface quality with Sophos Intercept X. We focus on solution quality."
"The deployment is quick. It just depends on the environment and what you may be replacing."
"Solution for endpoint detection and response, with good stability and scalability. Users also benefit from email protection and data loss prevention."
"What I have found the most valuable about Sophos Intercept X is the ease of use with management administration and the solution's ability to stop exploits and ransomware."
"The key factor that attracted me to Sophos Intercept X was the multi-platform. I have multiple clients that have mixed environments of Mac and Windows. I am able to deliver a standard solution, regardless of the platform."
"The most valuable feature of the solution is that it is less hash-based than competitors."
"The most valuable features are ease of use and the GUI."
"The most valuable features are the cloud administration and the strength of the ransomware protection."
"The web filtering solution needs to be improved because currently, it is very simple."
"Offboarding latency should be reduced. Even after a device has been successfully offboarded using a particular offboarding script, it still shows up as onboarded."
"In the future, it would be beneficial for Microsoft to consider making the product more user-friendly or simplified for those who are interested in using it. Currently, it requires a high level of technical expertise, making it challenging for beginners or less experienced individuals."
"The data recovery and backup could be improved."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"Advanced attacks could use an improvement."
"Elastic Security's maintenance is hard and its scalability is a challenge. There are complications in scaling and upgrading. The solution needs to also provide periodic upgrade checks."
"Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution."
"The interface could be more user friendly because it is sometimes hard to deal with."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"The training that is offered for Elastic is in need of improvement because there is no depth to it."
"It could use maybe a little more on the Linux side."
"When I use a proxy, I can bypass Sophos, which is an area that needs improvement."
"As for improvement, more notifications or emails about what to watch out for globally would be nice. For instance, information about the spread of a current phishing campaign or ransomware would be very helpful. I find that I have to dig in the back to find out what is happening on the global scene for things to be aware of."
"If Sophos Intercept allows users to restrict website access based on specific needs, such as streaming new videos for business purposes, we would prefer to use that."
"I have not done it, but integrating it with authenticating the users on the Windows system looks a bit complicated to me. It could be because I don't understand it."
"This product does not handle USB drives well."
"In my opinion, there have been significant developments in the product. In my opinion, I don’t have any suggestions as of now, however I can suggest a cost deduction which will be beneficial for all the parties. It will also relieve our budget and benefit our team."
"The product defends very well on its own but could possibly use enhancement in giving users more controls."
"We had some initial problems with our deployment, and they were more around uninstalling Sophos Basic and installing Sophos Intercept X. We had some challenges with some of the uninstallation scripts. They can improve the deployment of Sophos Intercept X when there is already an existing Sophos version. They can also provide more information in the form of best practices and lessons learned from previous findings. A knowledge base with this type of information would be helpful."
Elastic Security is ranked 16th in Endpoint Detection and Response (EDR) with 59 reviews while Intercept X Endpoint is ranked 4th in Endpoint Detection and Response (EDR) with 101 reviews. Elastic Security is rated 7.6, while Intercept X Endpoint is rated 8.4. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Intercept X Endpoint writes "A standard offering with good threat analysis but reduces machine performance". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint, whereas Intercept X Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Fortinet FortiClient. See our Elastic Security vs. Intercept X Endpoint report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Extended Detection and Response (XDR) vendors.
We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.