Sophos Endpoint
Tech Specs
Strongest Protection. Simple Licensing.
Sophos Endpoint powered by Intercept X delivers unparalleled protection against advanced attacks. Benefit from comprehensive detection and response capabilities with an upgrade to Sophos XDR, or free up your staff with Sophos MDR, our 24/7 managed security service.
Sophos Endpoint System Requirements:
Protect your iOS and Android devices with Sophos Mobile. 
Windows Server and Linux devices require a subscription to Intercept X for Server.
| | Intercept X Advanced | Intercept X Advanced | Intercept X Advanced with MDR Complete |
|---|---|---|---|
| THREAT SURFACE REDUCTION | | | |
| Web Protection | | | |
| Web Control | | | |
| Download Reputation | | | |
| Application Control | | | |
| Peripheral Control | | | |
| Data Loss Prevention | | | |
| Server Lockdown (application whitelisting) | | | |
| Full Disk Encryption | Add-on | Add-on | Add-on |
| THREAT PREVENTION | | | |
| Ransomware file protection (CryptoGuard) | | | |
| Remote ransomware protection (CryptoGuard) | | | |
| Ransomware Master Boot Record (MBR) protection | | | |
| Context-sensitive Defense: Adaptive Attack Protection | | | |
| Context-sensitive Defense: Estate-wide Critical Attack Warnings | | | |
| Deep Learning AI-powered malware prevention | | | |
| Anti-malware file scanning | | | |
| Potentially Unwanted App (PUA) blocking | | | |
| Live Protection cloud-lookups | | | |
| Behavioral Analysis | | | |
| Anti-Exploitation (60+ mitigations) | | | |
| Application Lockdown | | | |
| Anti-malware Scan Interface (AMSI) | | | |
| Malicious Traffic Detection | | | |
| Intrusion Prevention System (IPS) | | | |
| File Integrity Monitoring (Servers) | | | |

| | Intercept X Advanced | Intercept X Advanced | Intercept X Advanced with MDR Complete |
|---|---|---|---|
| Extensive data on-device and in the cloud | - | | |
| Cloud data retention | - | 90 days | 90 days |
| Additional cloud storage available | - | 1 Year (Add-on) | 1 Year (Add-on) |
| Rich on-device data for real-time insights | - | | |
| Compatible with non-Sophos solutions | - | | |
| DETECTION | | | |
| Suspicious event detections | - | | |
| AI-powered prioritization of detections | - | | |
| Automatic MITRE Framework mapping | - | | |
| Linux container behavioral and exploit detections | - | | |
| Cross-product event correlation and analysis | - | | |
| INVESTIGATION | | | |
| RCA threat graphs | | | |
| Automatic and manual case creation | - | | |
| Live Discover query tool | - | | |
| Scheduled queries | - | | |
| Simple (SQL-less) search | - | | |
| Forensic data export | - | | |
| On-demand Sophos X-Ops threat intelligence | - | | |
| RESPONSE | | | |
| Automatic malware cleanup | | | |
| Automatic ransomware file encryption roll-back | | | |
| Automatic process termination | | | |
| Synchronized Security: Automatic device isolation via Sophos Firewall | | | |
| On-demand device isolation | - | | |
| Live Response remote terminal access | - | | |

| | Intercept X Advanced | Intercept X Advanced | Intercept X Advanced with MDR Complete |
|---|---|---|---|
| 24/7 threat monitoring and response | - | - | |
| Weekly and monthly reporting | - | - | |
| Health Check | - | - | |
| Expert-led threat hunting | - | - | |
| Threat containment | - | - | |
| Direct call-in support during active incidents | - | - | |
| Full-scale incident response: threats are fully eliminated | - | - | |
| Root cause analysis | - | - | |
| Dedicated Incident Response Lead | - | - | |
| $1M Breach Protection Warranty | - | - | |

| | Intercept X Advanced | Intercept X Advanced | Intercept X Advanced with MDR Complete |
|---|---|---|---|
| Integrated ZTNA agent | | | |
| ZTNA access policy and control | Optional | Optional | Optional |



