Intercept X is available for devices running on Windows and macOS. Intercept X is the industry’s most comprehensive endpoint protection and includes the options for powerful extended detection and response (XDR) and a fully managed detection and response (MDR) service.
For further information please see the Intercept X datasheet, Mac datasheet and XDR datasheet.
Get details on system requirements and supported operating systems in the Windows and macOS articles.
|
Features |
Intercept X Advanced |
Intercept X Advanced with XDR |
Intercept X Advanced with MDR |
Intercept X Advanced with MDR Complete |
|---|---|---|---|---|
| ATTACK SURFACE | ||||
| Web Security | ||||
| Download Reputation | ||||
| Web Control / Category-based URL Blocking | ||||
| Peripheral Control | ||||
| Application Control | ||||
| BEFORE IT RUNS ON DEVICE | ||||
| Deep Learning Malware Detection | ||||
| Anti-Malware File Scanning | ||||
| Live Protection | ||||
| Pre-execution Behavior Analysis (HIPS) | ||||
| Potentially Unwanted Application (PUA) Blocking | ||||
| Intrusion Prevention System | ||||
| STOP RUNNING THREAT | ||||
| Data Loss Prevention | ||||
| Runtime Behavior Analysis (HIPS) | ||||
| Antimalware Scan Interface (AMSI) | ||||
| Malicious Traffic Detection (MTD) | ||||
| Exploit Prevention | ||||
| Active Adversary Mitigations | ||||
| Ransomware File Protection (CryptoGuard) | ||||
| Disk and Boot Record Protection (WipeGuard) | ||||
| Man-in-the-Browser Protection (Safe Browsing) | ||||
| Enhanced Application Lockdown | ||||
| DETECT | ||||
| Live Discover (Cross Estate SQL Querying for Threat Hunting & IT Security Operations Hygiene) | ||||
| SQL Query Library (pre-written, fully customizable queries) Suspicious Events Detection and Prioritization | ||||
| Suspicious Events Detection and Prioritization | ||||
| Fast Access, On-disk Data Storage (up to 90 days) | ||||
| Cross-product Data Sources e.g. Firewall, Email (Sophos XDR) | ||||
| Cross-product Querying (Sophos XDR) | ||||
| Sophos Data Lake Cloud Storage |
30 days |
30 days |
30 days |
|
| Scheduled Queries | ||||
| INVESTIGATE | ||||
| Threat Cases (Root Cause Analysis) | ||||
| Deep Learning Malware Analysis | ||||
| Advanced On-demand Sophos X-Ops Threat Intelligence | ||||
| Forensic Data Export | ||||
| REMEDIATE | ||||
| Automated Malware Removal | ||||
| Synchronized Security Heartbeat | ||||
| Sophos Clean | ||||
| Live Response (remotely investigate and take action) | ||||
| On-demand Endpoint Isolation | ||||
| Single-click “Clean and Block” | ||||
| HUMAN-LED THREAT HUNTING AND RESPONSE | ||||
| 24/7 Lead-driven Threat Hunting | ||||
| Security Health Checks | ||||
| Data Retention | ||||
| Activity Reporting | ||||
| Adversarial Detections | ||||
| Threat Neutralization & Remediation | ||||
|
Full-scale Incident Response: threats are fully eliminated Requires full Sophos XDR agent (protection, detection and response) |
||||
| Root Cause Analysis: performed to prevent future recurrence | ||||
| Dedicated Incident Response Lead | ||||
| ZERO TRUST NETWORK ACCESS | ||||
| Integrated ZTNA agent | ||||
| ZTNA Access Policy and Control | Optional | Optional | Optional | Optional |
For supported Linux features see the license guide.