First things first. Prior to the introduction of the Sophos Intercept X suite, Sophos offered Central Endpoint as its primary endpoint protection solution. As an older product, it doesn’t include deep learning AI, CryptoGuard, and some other protection features that Intercept X does.
Recently, we’ve talked a little about Sophos Intercept X broadly speaking, but it might be helpful to understand the differences between the three iterations of Intercept X. The main difference between Intercept X and Sophos Central Endpoint is the addition of Deep Learning Malware Detection, Exploit Prevention, Malicious Traffic Detection, Active Adversary Mitigations, and a few other things. It is worth noting, however, that Central Endpoint does have features that the basic Intercept X does not. So Central Endpoint is still very much a viable product in its own right.
Sophos Intercept X Advanced
The Intercept X platform merges technologies such as deep learning, AI and endpoint detection and response to provide holistic endpoint security. It works for Mac and Windows personal computers (PCs) as well as servers, virtual machines, and cloud-based IT infrastructure. It also protects mobile devices using Android, iOS, and Chrome operating systems.
Intercept X Advanced has a very robust suite of preventative security features in all of its iterations. For example, you get Application Control, Deep-Learning Malware Detection, DLP, IPS, Safe Browsing, Exploit Prevention, and so on. It is a very defensive, reactive feature set.
Sophos Intercept X Advanced with EDR
Moving up to Sophos Intercept X Advanced with EDR adds other capabilities to the mix. In a nutshell, Intercept X with EDR introduces several “Detect and Investigate” features. If Intercept X Advanced is like an army ready to defend your network from attack, then Intercept X Advanced with EDR throws in the FBI to snoop out the bad guys, hopefully before they even get the chance to act. Some of the additional abilities (but not all) are Suspicious Events Detection, Deep Learning Malware Analysis, Single-Click Clean and Block, and Synchronized Security Heartbeat.
Sophos Intercept X with MTR (Standard)
Sophos Intercept X with Managed Threat Response is the next step up. If Intercept X Advanced with EDR gives the ability to detect and snoop, Intercept X with MTR adds a managed service component. In other words, you have more outside expertise at your disposal: things like 24/7 Lead-Driven Threat Hunting (which is really cool sounding), Threat Neutralization and Remediation, and Data Retention.
There is also an Advanced version of Intercept X with MTR. In addition to everything else, it also offers 24/7 Lead-less Threat Hunting, Direct Call-In Support, and Threat Response Team Lead, and I think it’ll also feed the cat and take out the trash.
In short, Intercept X with MTR provides response capabilities from an expert team as a fully-managed service.
However, the whole Intercept X family of products covers a wide range of medium-to-large business use cases. This is a serious product that offers a huge buffet line of features depending on your needs and your abilities to take advantage of them. Sophos Intercept X is ideal for businesses with Information Technology staff and many endpoints to protect. If your business includes hundreds or thousands of endpoints, Intercept X is a potent protection product. And all of the iterations share the same clean, recognizable, easy-to-navigate Sophos Central cloud interface.
|Endpoint Detection and Response|
|Managed Threat Response|
|Deep Learning Technology|