Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) is a holistic, cloud delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral based and cloud-powered next generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
$2.50
per user/per month
Sophos Intercept X
Score 8.8 out of 10
N/A
Sophos Endpoint Protection (Sophos EPP) with Intercept X is an endpoint security product providing an antivirus / antimalware solution that when upgraded with Intercept X or Intercept X Advanced provides advanced threat detection and EDR capabilities.
$28
per year per user
Windows Server
Score 8.5 out of 10
N/A
N/A
N/A
Pricing
Microsoft Defender for Endpoint
Sophos Intercept X
Windows Server
Editions & Modules
Academic
$2.50
per user/per month
Standalone
$5.20
per user/per month
Intercept X Advanced
$28
per year per user
Intercept X Advanced with XDR
$48
per year per user
Sophos Managed Threat Response
$79
per year per user
No answers on this topic
Offerings
Pricing Offerings
Microsoft Defender for Endpoint
Sophos Intercept X
Windows Server
Free Trial
Yes
No
No
Free/Freemium Version
No
No
No
Premium Consulting/Integration Services
No
No
No
Entry-level Setup Fee
No setup fee
No setup fee
No setup fee
Additional Details
—
Pricing is for a 3-year commitment. Government and Education pricing available.
I've used Sophos, Bitdefender, SentinelOne, and, of course, Microsoft Defender for Endpoint. We chose this at the time because we were such a Microsoft shop that it just seemed to integrate well with all the other things that we had set up with Microsoft.
Previously, we've used Sophos. We've used, way back when, McAfee, Norton, Symantec, all those. And we finally settled on Microsoft Defender for Endpoint. We're a Microsoft technology stack shop. So obviously it was natural. It's built into Windows, so we're not adding …
Unless you have a dedicated Security Operations Center working twenty four hours a day seven days a week that is able to constantly monitor Cylance and make the necessary changes for your users, it is not worth the trouble. Microsoft Defender for Endpoint does what it needs to …
Microsoft Defender for Endpoint consistently showed better user experiences during scans due to the reduced amount of resources used on each system compared to our previous endpoint protection solutions. However, the main reason we chose Microsoft Defender for Endpoint is …
Microsoft Defender for Endpoint offers strong integration with Microsoft 365 and Azure services, which provide a unified security experience. While McAfee Trellix is known for solid antivirus, Microsoft Defender excels in integration in the ecosystem.
Defender is far easier to deploy and manage than Sophos and tends to work without as many issues. The threat assessment portal provides an in-depth view of the organization's security posture, whereas Sophos only shows the patching status of the PCs. We did need Intune to get …
Cylance's policy is to block everything and requires an active person to monitor and unblock legitimate processes. As updates and software continue to evolve, it is a full-time job to be a Cylance administrator. Microsoft Defender for Endpoint is a set-and-forget solution that …
Microsoft Defender for Endpoint is the most cost effective solution considering our Microsoft 365 licensing status. While many 3rd party solutions are great and have been used over the years, in the non-profit world, cost is a huge driving factor of items. Coupled with …
Microsoft Defender for Endpoint is on par or exceeds the competitor products and provides an enterprise grade EDR solution. Based on the savings by bundling Microsoft products under the E5 license and the benefits it provides; it is an excellent choice for customers looking for …
MDE integrates much more into our M365 ecosystem than any other MDR possibly could. Bitdefender may have provided a similar level of endpoint protection but the reporting, vulnerability reporting and other incident tracking and correlation are critical in today's business …
Crowdstrike is the more feature complete product but licensing model and cost does not work well with the small business model. ESET Protect is considerably more complicated from a licensing perspective but once operational is a fine product.
Microsoft Defender for Endpoint is far more robust and easy to use than NinjaOne's RMM tools. Microsoft Defender for Endpoint allows us to easily manage our endpoints, from an almost single pane of glass, whereas Ninja has multiple settings, policies, etc. that are harder to …
We use Microsoft Defender for Endpoint along with Crowdstrike on some of our critical systems as it enhances the protection we have for our environment.
We have not used anything else other than Microsoft Defender for Endpoint. Maybe we've used other antivirus software like Sophos and things like that. They're just not all encompassing and that's why we moved to use this product.
I have been working with customers that they are transitioning from Sentinel One, CrowdStrike to Defender for Endpoint, right? So I think it's because they see the value in the product and also they see how much they can save in terms of the cost for companies because they …
We previously used CrowdStrike on our servers. However, the seamless integration of Microsoft Defender (MD) with XDR and the entire Microsoft ecosystem led us to choose Microsoft Defender for Endpoint (MDE).
What we love more about this product is the way this pro gets integrated into the other family of solutions, especially Defender for Identity or the XDR solutions. We think that the market, the customers are full of unattended consults coming out from different vendors and that …
Sophos Intercept X is one of the industry leaders for a reason. Apart from integration issues, Sophos Intercept X stands above the rest when it comes to protection and usability. I have used at least 30 different antiviruses, antimalware, and antiransomeware programs and none …
Sophos Intercept X offers a far more comprehensive and stable product when pitted up against Comodo Advanced Endpoint Protection and Watchguard Endpoint Security - both of which we offer as low cost alternatives for customers who are adamant about not paying for Sophos …
I don't feel it's fair to compare Sophos Intercept X with the versions of Symantec and AVG that I have used in the past - as that was such a long time ago. I'm sure those other companies have released far more features than I used all those years ago.
Sophos Intercept X is easy to manage and deploy under your business. I think it is comparable to BitDefend with the ability to send out deployment via email or directly add it to the computer. I have noticed that Bitdefender seems to eat a lot of resources during its scans …
Webroot endpoint protection is not even in the same league as Sophos Intercept-X. I have tested and compared both sides by side, run simulations and it's not even close. Plus the Sophos central management is so much better. Easier to view user activities and apply policies and …
I personally found Sophos Intercept X GUI to be easy to use. The agent is easy to deploy on client machines and runs in the background silently. It has a very good virus, malware scan engine that picks out a high percentage of malicious software. The price was also very …
Sophos is much more user friendly and scalable for partners who wish to [centralize] all security across the IT industry, from email security, server security, phish threat management and more.
We have used Avast, AVG, Panda, Sophos' original antivirus product, and Symantec before and it is better than each of them. The cloud console is the star of the show and it dramatically reduces the cost and effort needed to install the product. Other products were only …
It provides more features for the same price. These added features differentiate Sophos from the rest of the pack, making it a better solution. Also, the ability to integrate with your Sophos firewall if you have one adds another level of integration and protection. This …
We didn’t evaluate any other products. I used Sophos at a previous company and when I started here, they were using the on-prem version. We immediately migrated to central and haven’t looked back. I am aware of the competitors, but once you are comfortable with a quality …
Sophos offered better value for money whilst beating the above products on detection and prevention. The GUI is fantastic and easy to use and works seamlessly on top of other features like DLP, application control and web monitoring. I would recommend getting the XG firewall as …
Sophos Intercept X is a little less expensive than the comparable package from Trend Micro and a little more expensive than a comparable package from Symantec, but in my opinion, it's easier to operate and it's got better centralized controls than both of the others. But the …
Trend Micro offered similar protection, however at the time did not offer EDR as a solution. The big benefit to Trend Micro was the capability to push out the installation of the agent to assets within the Trend Micro console, eliminating the need for a GPO or deployment …
Sophos is by far the simplest of the products to setup and going in a very short period of time at a very similar price point. Trend is overly complex and relied on an appliance for each ESX node meaning you lose one appliance and then you lose protection across multiple …
Besides legacy malware protection, Sophos is doing a good job in protecting against ransomware, thanks to their Intercept X and its behavioral analytics that would stop ransomware that was never seen in wild.
Best in class... PERIOD... Bit Defender is a good AV product by itself, but it lacks in Next Gen Heuristic detection. It has allowed malware to get past it in our client environments, even with Admin permissions restricted. Sophos is hands down a superior product when paired …
Sophos I feel is a better product upon installation we had a few systems that reported threats that ESET did not catch. Sophos also has multiple other products that we were able to bundle together and still have one interface to do. Intercept X, Endpoint Protection, and …
In our analysis we discovered that for the price and feature set, Sophos was able to rise above the rest. Pricing is always a large consideration, however it isn't the only consideration - the feature set that Sophos Endpoint Protection provided over its competitors made the …
I find Microsoft Windows Server is a much easier OS to deploy and administer. It does require more resources to run, requires more security updates and overall has a larger footprint. Rebooting the Windows Server takes a much longer time than RHEL for example. An administration …
Windows Server blows any of the Linux flavors I've used out of the water. Even after gaining experience with Linux, I'm able to achieve the same results in Windows Server from a command line much quicker than in Linux simply because Windows Server, especially with the …
Windows Server is much easier to work with and it's widely adopted. It have a lot of features and a nice gui. In the other hand linux systems are more robust and often more secure , but the learning curve and technician needed for it are much higher. Depend on the usage you got …
They are different experiences, and while the other solutions offer enterprise-grade stability and, in some cases, address Windows server shortcomings (such as patching), they all do the trick, but the other solutions require a deeper technical background/configuration of items …
It is really all about application support. The only option we really have is Windows Server, and where we can choose we continue to use it for consistency as well as compatibility with the systems where we are forced to use Windows Server).
We've utilized docker and debian for very specific applications and they have been useful - overall Windows Server provides a better package. I would choose VMware ESXi over Windows Server for virtualization as it's far more reliable in our experience. I can't imagine using a …
There are plenty of other server solutions out there which may be better suited for certain tasks, but Windows Server is the way to get a Windows environment going. For simple setups, there are many alternatives, but often there are key features lacking, or a restriction on …
Windows Server is more cost-effective and skills are easier to find to support the products. The deployment and management of the product can be automated with Microsoft SCCM. In my opinion, Linux seems to be more secured but takes more time and effort to learn than Windows …
These are just very different products. They can all have the same functionality but the specific product knowledge with Linux is much higher. This slows down troubleshooting and can leave you with limited options for high end support. There are absolutely good use cases for …
I didn't use any other system which gives the same functionality and I am not aware of any. The full integration between all components and especially the ability to integrate mail via Exchange or even via a hybrid setup with the Ofice365 cloud, including the ability to …
For our more experienced users and for simple web apps we will go the RHEL route but with Windows Server such an industry standard the the ease of use of the GUI it just makes more sense for most applications that use it. It also generally has a lot more interoperability …
Linux is great, but support is harder to come by. You also need to pay linux admins more as it is a much smaller group of people that can support it. Windows is the industry standard with the most support available. Going with another platform just didn't seem to make sense …
I have some basic experience using various builds of Linux and have always found myself coming back to Windows. Perhaps after years of working with Microsoft products they all have a similar feel and configuration options. Microsoft products are my typical first choice where …
We have various servers or appliances that run on various flavors of Linux that do their jobs well, but we configure and manage them very lightly at the OS level. Most of the admin on these devices is sone inside the applications themselves. We don't shy away from new …
All the other products I have used in the past OS2 servers, Novell Netware, Banyan Vines etc don't show up in the search list, which i guess goes to show that the best wins.
I have used/administered several servers using systems like Ubuntu, Debian, and CentOS. While these systems are great in their own rights, you are typically using a command-line interface or shell in order to administrate the system. This requires a lot of commands to be …
For our purposes it came down to picking between Windows and Linux and at the end of the day we picked both. We use Windows for 80% of our server needs to run our Web, File, Print, DHCP, Internal DNS, Active Directory, SQL, Web and other windows based servers. We use linux …
Windows Server has become one of the industry standards for providing file and directory services for the majority of users because of the ease with which it interacts with the common desktop OS, as opposed to needing to provide esoteric support for users to be able to work …
About any linux distro can be setup to handle services that a Windows Server can do, except I have not personally found anything nearly as convenient of a replacement for Active Directory, Group Policy, or an RD Gateway. There are alternatives to those services, they just …
Windows Server is by far the easiest server option to get started with because they offer the same kind of interface with windows that most users are already familiar with. Plus, it's the most graphically friendly option, so it is easy to navigate. Lastly, it is the most …
I can definitely tell you where it’s more suited, because we haven’t come across any less appropriate scenarios. But definitely in regard to how we centrally manage our user space and our endpoints, it’s been beneficial from an API perspective and is really transferable, with strong collaboration with our Azure stack. It works very well.
Sophos Intercept-X is well suited for any environment big or small. There is even a home version that is free that I highly recommend for anyone at home. If you are looking for endpoint protection that is centrally managed, catches everything, and has many features this is the product for you.
Anytime I need a server for something, whether to test a new platform or app, devote a server to hosting something, etc., Windows Server is my go-to choice. Recently I needed a new server to host a web server and web application, so I spun up a Windows Server 2025 VM and was up and running in no time at all.
It really protects our endpoints. We've used other antivirus programs in the past, and they haven't had that full confidence in those products compared to what Microsoft Defender for Endpoint does for us.
Another pro is that it's easy to manage the management console through Intune to see Microsoft Defender for Endpoint up in the cloud and see the state of our devices.
Another pro is we haven't had an incident since we installed it.
Microsoft needs to minimize the update frequency by making the product more secure. It can become very exhausting trying to keep updated if you don't have a dedicated support team. It can become challenging where the business is unable to allow downtime for reboots as part of the update process.
Prone to security and audit vulnerabilities.
The operating system needs more CPU and memory resources compared to other options such as Linux.
Understanding the licensing model can be abit confusing.
Comes with a standard firewall, but not the most secured one available. Would suggest using a more secured firewall as part of your antivirus software.
Due to the number of vulnerabilities and the operating system being a target for hackers, anti-virus software is a must.
Microsoft Defender is closely catching -up in market with existing competitors they have added DLP endpoint & DLP Network and Cloud DLP solution last year with OCR capabilities. I would say Microsoft Defender is not legacy Vendor in end point security, the need to learn from other vendors in market and focus on new XDR technologies, which is going to be new battle for all vendors
I've carefully reviewed the servers and services currently running on Windows Server 2012, and given the opportunity would renew them as is going forward. There are two systems I currently have in place, one is a very large Linux implementation for a large ecommerce site, and one is a very large backup solution front ended by FTP servers running Linux. Neither are well suited for Windows, but the overall network infrastructure is and will be Windows Server for the foreseeable future.
Microsoft Defender for Endpoint is a great EDR to have that works quickly and silently in the background and it integrates well with other Microsoft services. As an IT manager, I can appreciate that I do not get bombarded by alerts for every small detail. On the flipside, the management site can use some work in being more clear and should be more streamlined so I'm not clicking through multiple pages to figure out what happened
The usability has never been a problem. Sophos Intercept X is a program you can install and let protect your company without much intervention. Apart from a few policies, Sophos will keep you protected better than most any product on the market. Sophos Intercept X works quite well when you are looking to "tighten your grip" on user's access to websites, programs, and add-ons.
There are simply too many different parts of Windows Server to make it a cohesive piece of software. While some of the newer features found in Windows Server 2012 and 2016 have nice UIs that are logically laid out, there are enough parts of the system that is still based on old code with clunky UIs and confusing options to make Windows Server a particularly user-friendly experience.
Microsoft Defender for Endpoint chugs along just fine no matter what we throw at it and what systems it's running on. It doesn't take up a lot of resources either, so that's welcomed.
Overall support is really good for this product. Since it's a Microsoft product, you will get good support from a number of different resources, including knowledgebase articles on the web, support from Microsoft technicians, and documentation (which tends to very thorough). Also, there is a vast user support community for this product, so user support forums would also be another valuable channel to get help if needed. I don't envision too many people will have issues/problems with the product, as it tends to run good overall.
Most of the support reps are fantastic. There have been a few though that have had to be escalated via Account Manager when they haven't followed up but this is a rare instance, and often followed up by the Support Manager for APAC.
Microsoft's support is hugely wide-ranging from articles online to having to contact them directly for the more serious issues. In recent years when I have contacted them directly, I have found the support o be excellent as I have found myself connected to very knowledgeable people in the field in which I needed the support. The online support available is vast and I tend to find most of the time that there is always someone out there who has had the same issue as me in the past and knows something about how to resolve it! This is the advantage of using industry standard and long-established systems such as Windows Server.
Deployment was handled by our team here and everything went pretty smoothly. We did have a few hiccups in our test group, but that only took a bit to get ironed out.
Make sure that you have detailed processes in place for every server instance you plan to install/upgrade, if possible get the base OS loaded and Windows Updates applied ahead of time, and if using a VM take a snapshot prior to installing each role, as well as along the way.
I've used Sophos, Bitdefender, SentinelOne, and, of course, Microsoft Defender for Endpoint. We chose this at the time because we were such a Microsoft shop that it just seemed to integrate well with all the other things that we had set up with Microsoft.
I don't feel it's fair to compare Sophos Intercept X with the versions of Symantec and AVG that I have used in the past - as that was such a long time ago. I'm sure those other companies have released far more features than I used all those years ago
I find Microsoft Windows Server is a much easier OS to deploy and administer. It does require more resources to run, requires more security updates and overall has a larger footprint. Rebooting the Windows Server takes a much longer time than RHEL for example. An administration task such as expanding a drive in Windows can be very simple, however in RHEL it is not.
Another positive impact is that Microsoft Defender for Endpoint is built into the Windows OS. So naturally, it is much easier to load it out and manage it, rather than acquiring it through party ER, deploying it, and managing it separately. So that's definitely on the positive side that we observe there's a byproduct of changing Microsoft Defender for Endpoint.
Before we had Intercept X, we had several infections of ransomware. Since that time it has stopped at least 10 attempts, saving us thousands of man-hours and hundreds of thousands of dollars.
By decreasing the time needed for malware remediation, it has saved us the cost of .25 FTE in the IT department.
Initial setup was cumbersome and cost us .1 FTE in additional costs the first year.