Likelihood to Recommend I would say, where it's well suited as certainly any device where you know that either you're potentially running a Kickstarter device as your own personal unit, but maybe you want to try to connect it to some resource like, "Hey, you know what? This is a small community device. Maybe I'll try connecting my email on the go." You're protected from that perspective with the vendor, even if it's something that might be a bit suspicious from a hardware perspective. There's also the case where any device that you know are running Defender for endpoint that you're good to go. You don't really have to worry about all the other solutions out there because Defender has recovered.
Read full review To be frank, this product is fairly expensive. So I would recommend this to companies that are mid-sized or larger to condone the cost of the purchase. It does save me a significant amount of time in my day - being able to glance at the dashboard and see if there are any outstanding issues that require my attention, as not much digging must be done to accomplish this. So for our company, with a short-staffed IT department, it's incredibly helpful to us. We also qualify for Educational pricing which brings the cost down - which helps tremendously
Read full review Pros It integrates perfectly with Azure Sentinel. I mean, that's great. We can have a single pane of class with other platforms, like Defender for Cloud, Defender for endpoints, and Defender for servers, which is awesome as well. The ease of deployment is because Microsoft made sure around a year ago that every single workstation with Microsoft Windows came with Defender for Endpoints embedded. Read full review Sophos Intercept X is great at preventing malware infections and rolling back their effects. I have seen this happen hundreds of times since we installed it When combined with Sophos Central, you have an easy to use dashboard where you can manage all installations from a single pane of glass. It's easy to deploy on machines and stays updated. Good reporting features including alerts sent to the admin if there's ever something wrong with it. Read full review Cons While it's a very good product for auditing, it has a very hard time to distinguish what is malicious and is an attack, what is not. Very rarely we get indication of a real malicious attack. We got lots of hours for off the shelf malware that it cleans up automatically. So basically we never get to look at it, which is a positive thing, but threats are detected by the third party endpoint, so it will not be enough by itself. Read full review Sophos OOTB policies are very strict and they don't offer anything less strict without you creating new custom policies. I'm sure this is deliberate because the product starts you out in the safest way possible but it means that you will have lots of calls to your tech support desk when you first deploy it unless you do somewhat extensive testing beforehand. Sophos Intercept X is currently broken (at least the DLP component) by having secure boot turned on in the UEFI/BIOS. If any user wants to be able to write data to a USB drive or floppy from their PC (yes we still have a couple users who need to use floppies) we have to turn off secure boot on their PC, even if the DLP policy for that user/PC combination specifies that the user and PC are allowed to write to USB/floppy. This would be a very serious problem if it weren't for the fact that we have very few users who need to write files to USB. For us it's OK but I bet it would be a deal-breaker for others. I don't see a whole lot of evidence that Intercept X is any different than any other anti-virus, so maybe their admin alerts just don't clearly identify when they have identified a zero-day threat or maybe we just haven't had any zero-day threats. Read full review Likelihood to Renew We have gotten a great product for the price. Easy to maintain and set up on new devices. Support is great and easy to work with and understand.
Read full review Usability Very easy to use
Read full review Support Rating The first time I tried to onboard my macOS endpoints to MDE I struggled for quite a bit. I had to reach out to Microsoft's MDE support team. The tech was very helpful in walking me through the steps during a screen share session
Read full review Most of the support reps are fantastic. There have been a few though that have had to be escalated via Account Manager when they haven't followed up but this is a rare instance, and often followed up by the Support Manager for APAC.
Read full review Implementation Rating Best thing was the help pushing out via group policy and was able to get instructions for that on sophos site
Read full review Alternatives Considered Tenable Security Center was a fantastic exposure detection tool but there was always a lag and servers would hang alot when being scanned causing resource traffic. Microsoft Defender for Endpoint on the other hand does not use up most resources soo there is usually noo lag during scanning and it also provide more detailed insights on the network. Also Microsoft Defender for Endpoint integration power has helped us up our security game by delivering a smooth secure network.
Read full review Webroot Endpoint Protection is not even in the same league as Sophos Intercept-X. I have tested and compared both sides by side, run simulations and it's not even close. Plus the Sophos central management is so much better. Easier to view user activities and apply policies and remediate threats. Sophos is the clear winner between these two products.
Read full review Return on Investment Positive : Microsoft Defender for Endpoint offers sophisticated threat detection and response capabilities, putting it into use helps increase security. Reduced security incidents, data breaches, and related expenses may arise from this. Positive : A more secure environment means less time and effort spent by IT and security teams on remediation and incident response. False Positives: Like any security solution, false positives can occur, leading to unnecessary investigations and potential disruptions to business operations. This may require additional resources to manage. Read full review Once our technical and commercial areas got certified, the ROI over the time spent, is great. Actual customers, and/or new ones with other tools, feel safe and advised, once they get in touch with us. When Sophos EndPoint is being compared against Web Management Tools (competitors), we have failed to deliver, nevertheless, there is a version of Sophos Central (Cloud) which achieves this requirement at 100% and more, since is Cloud Based (on AWS). We are grateful to be on Sophos "Radar" as a Platinum Partner, and "The Americas" valued partner, we have seen our business grow, thanks to this kind of technology, throughout the years. Read full review ScreenShots Microsoft Defender for Endpoint Screenshots Sophos Intercept X Screenshots