Endpoint Security
Tech Specs
Strongest Protection. Simple Licensing.
Sophos Intercept X endpoint security delivers unparalleled protection against advanced attacks. Benefit from comprehensive detection and response capabilities with an upgrade to Sophos XDR, or free up your staff with Sophos MDR, our 24/7 managed security service.
Intercept X System Requirements:
Protect your iOS and Android devices with Sophos Mobile. 
Windows Server and Linux devices require a subscription to Intercept X for Server.
Intercept X Advanced |
Intercept X Advanced
|
Intercept X Advanced with MDR Complete
|
||
|---|---|---|---|---|
|
||||
| THREAT SURFACE REDUCTION | ||||
| Web Protection |
|
|||
| Web Control |
|
|||
| Download Reputation |
|
|||
| Application Control |
|
|||
| Peripheral Control |
|
|||
| Data Loss Prevention |
|
|||
| Server Lockdown (application whitelisting) |
|
|||
| Full Disk Encryption |
Add-on |
Add-on |
Add-on |
|
| THREAT PREVENTION | ||||
| Ransomware file protection (CryptoGuard) |
|
|||
|
Remote ransomware protection (CryptoGuard) Watch Video |
|
|||
| Ransomware Master Boot Record (MBR) protection |
|
|||
|
Context-sensitive Defense: Adaptive Attack Protection Watch Video |
|
|||
|
Context-sensitive Defense: Estate-wide Critical Attack Warnings |
|
|||
| Deep Learning AI-powered malware prevention |
|
|||
| Anti-malware file scanning |
|
|||
| Potentially Unwanted App (PUA) blocking |
|
|||
| Live Protection cloud-lookups |
|
|||
| Behavioral Analysis |
|
|||
| Anti-Exploitation (60+ mitigations) |
|
|||
| Application Lockdown |
|
|||
| Anti-malware Scan Interface (AMSI) |
|
|||
| Malicious Traffic Detection |
|
|||
| Intrusion Prevention System (IPS) |
|
|||
| File Integrity Monitoring (Servers) |
|
|||
|
Intercept X Advanced |
Intercept X Advanced
|
Intercept X Advanced with MDR Complete
|
||
|---|---|---|---|---|
|
||||
| Extensive data on-device and in the cloud |
- |
|||
| Cloud data retention |
- |
90 days |
90 days |
|
| Additional cloud storage available |
- |
1 Year (Add-on) |
1 Year (Add-on) |
|
| Rich on-device data for real-time insights |
- |
|
||
| Compatible with non-Sophos solutions |
- |
|||
| DETECTION | ||||
| Suspicious event detections |
- |
|||
| AI-powered prioritization of detections |
- |
|
||
| Automatic MITRE Framework mapping |
- |
|
||
| Linux container behavioral and exploit detections |
- |
|
||
| Cross-product event correlation and analysis |
- |
|||
| INVESTIGATION | ||||
| RCA threat graphs |
|
|||
| Automatic and manual case creation |
- |
|
||
| Live Discover query tool |
- |
|
||
| Scheduled queries |
- |
|
||
| Simple (SQL-less) search |
- |
|
||
| Forensic data export |
- |
|
||
| On-demand Sophos X-Ops threat intelligence |
- |
|
||
| RESPONSE | ||||
| Automatic malware cleanup |
|
|||
| Automatic ransomware file encryption roll-back |
|
|||
| Automatic process termination |
|
|||
| Synchronized Security: Automatic device isolation via Sophos Firewall |
|
|||
| On-demand device isolation |
- |
|
||
| Live Response remote terminal access |
- |
|
||
|
Intercept X Advanced |
Intercept X Advanced
|
Intercept X Advanced with MDR Complete
|
||
|---|---|---|---|---|
|
||||
| 24/7 threat monitoring and response |
- |
- |
||
| Weekly and monthly reporting |
- |
- |
||
| Health Check |
- |
- |
||
| Expert-led threat hunting |
- |
- |
||
| Threat containment |
- |
- |
||
| Direct call-in support during active incidents |
- |
- |
||
| Full-scale incident response: threats are fully eliminated |
- |
- |
||
| Root cause analysis |
- |
- |
||
| Dedicated Incident Response Lead |
- |
- |
||
| $1M Breach Protection Warranty |
- |
- |
||
|
Intercept X Advanced |
Intercept X Advanced
|
Intercept X Advanced with MDR Complete
|
||
|---|---|---|---|---|
|
||||
| Integrated ZTNA agent |
|
|||
| ZTNA access policy and control |
Optional |
Optional |
Optional |
|
Try Sophos Intercept X Endpoint Security for Free
Sign up for a free no-obligation 30-day trial.