Kaspersky Endpoint Detection and Response (EDR) Optimum helps identify, analyze and neutralize evasive threats by providing easy-to-use advanced detection, simplified investigation and automated response. It is a basic EDR tool for mid-market organizations who are just starting to build their incident response processes.
$14.50
per year on a 3 year license (Pricing is for a 3-year commitment, calculated per year). 1 endpoint
Sophos Intercept X
Score 8.7 out of 10
N/A
Sophos Endpoint Protection (Sophos EPP) with Intercept X is an endpoint security product providing an antivirus / antimalware solution that when upgraded with Intercept X or Intercept X Advanced provides advanced threat detection and EDR capabilities.
$28
per year per user
Pricing
Kaspersky EDR Optimum
Sophos Intercept X
Editions & Modules
Kaspersky EDR Optimum
$14.50
per year on a 3 year license (Pricing is for a 3-year commitment, calculated per year). 1 and 2 year licenses also available. per endpoint
Intercept X Advanced
$28
per year per user
Intercept X Advanced with XDR
$48
per year per user
Sophos Managed Threat Response
$79
per year per user
Offerings
Pricing Offerings
Kaspersky EDR Optimum
Sophos Intercept X
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
Yes
No
Entry-level Setup Fee
Optional
No setup fee
Additional Details
—
Pricing is for a 3-year commitment. Government and Education pricing available.
More Pricing Information
Community Pulse
Kaspersky EDR Optimum
Sophos Intercept X
Considered Both Products
Kaspersky EDR Optimum
Verified User
Administrator
Chose Kaspersky EDR Optimum
I do not currently use Kaspersky any more (it was a business decision, not a technical one). However, having the knowledge now, I believe it would not be the winner. However, it will be definetly above Trend Micro (for many reasons). However, it might be a balance between …
After several evaluations we concluded that the kasprsky provider has a solution for each processing environment we have.This impacts an excellent cost-benefit for achieving economies of scale on the company's infrastructure. On the other hand, we verified that during its …
We have been using Kaspersky EDR Optimum for over 10 years, with the evolution of products reaching EDR now, we can verify the integrated responsiveness and visibility of our environment. Great protection tool on all OS. Very good value for money, with the new licensing, all business plans will now have native EDR.
To be frank, this product is fairly expensive. So I would recommend this to companies that are mid-sized or larger to condone the cost of the purchase. It does save me a significant amount of time in my day - being able to glance at the dashboard and see if there are any outstanding issues that require my attention, as not much digging must be done to accomplish this. So for our company, with a short-staffed IT department, it's incredibly helpful to us. We also qualify for Educational pricing which brings the cost down - which helps tremendously
KEDR Optimum is helping to see threat kill chain formation, which helps to get clear picture of the what exactly attacker was trying to do during attack.
We are crating prevent execution rules to block the threat in our complete infra.
Ioc scan to validate and remove the any active threat entry from our endpoints
Sophos Intercept X is great at preventing malware infections and rolling back their effects. I have seen this happen hundreds of times since we installed it
When combined with Sophos Central, you have an easy to use dashboard where you can manage all installations from a single pane of glass.
It's easy to deploy on machines and stays updated.
Good reporting features including alerts sent to the admin if there's ever something wrong with it.
Sophos OOTB policies are very strict and they don't offer anything less strict without you creating new custom policies. I'm sure this is deliberate because the product starts you out in the safest way possible but it means that you will have lots of calls to your tech support desk when you first deploy it unless you do somewhat extensive testing beforehand.
Sophos Intercept X is currently broken (at least the DLP component) by having secure boot turned on in the UEFI/BIOS. If any user wants to be able to write data to a USB drive or floppy from their PC (yes we still have a couple users who need to use floppies) we have to turn off secure boot on their PC, even if the DLP policy for that user/PC combination specifies that the user and PC are allowed to write to USB/floppy. This would be a very serious problem if it weren't for the fact that we have very few users who need to write files to USB. For us it's OK but I bet it would be a deal-breaker for others.
I don't see a whole lot of evidence that Intercept X is any different than any other anti-virus, so maybe their admin alerts just don't clearly identify when they have identified a zero-day threat or maybe we just haven't had any zero-day threats.
At the moment and unfortunately we'll not renew our licenses, due to the Russian conflict and the company policy that has forced us to get rid of any Russian related product. Before that incident, we were very happy with the product and we did not even think once about changing it... Maybe on the future...
The usability has never been a problem. Sophos Intercept X is a program you can install and let protect your company without much intervention. Apart from a few policies, Sophos will keep you protected better than most any product on the market. Sophos Intercept X works quite well when you are looking to "tighten your grip" on user's access to websites, programs, and add-ons.
This item can always be improved, perhaps by pre-elaborating very long reports, such that they are built progressively so that when the user wants to consult them, the delay is minimal. It would also be interesting to have a warehouse of reports, which serves as a repository where they can be consulted whenever needed, adding AI capabilities that allow data to be linked together and improve the analysis and possible correlations of events.
Most of the support reps are fantastic. There have been a few though that have had to be escalated via Account Manager when they haven't followed up but this is a rare instance, and often followed up by the Support Manager for APAC.
After several evaluations we concluded that the kasprsky provider has a solution for each processing environment we have.This impacts an excellent cost-benefit for achieving economies of scale on the company's infrastructure. On the other hand, we verified that during its operation, its level of effectiveness in terms of malware detection is excellent. Finally, it provides a desktop patch management solution that we found efficient and effective. Allowing you to automate the distribution of patches with a minimum staffing of technical personnel.
Webroot Endpoint Protection is not even in the same league as Sophos Intercept-X. I have tested and compared both sides by side, run simulations and it's not even close. Plus the Sophos central management is so much better. Easier to view user activities and apply policies and remediate threats. Sophos is the clear winner between these two products.
Once our technical and commercial areas got certified, the ROI over the time spent, is great. Actual customers, and/or new ones with other tools, feel safe and advised, once they get in touch with us.
When Sophos EndPoint is being compared against Web Management Tools (competitors), we have failed to deliver, nevertheless, there is a version of Sophos Central (Cloud) which achieves this requirement at 100% and more, since is Cloud Based (on AWS).
We are grateful to be on Sophos "Radar" as a Platinum Partner, and "The Americas" valued partner, we have seen our business grow, thanks to this kind of technology, throughout the years.
