Endpoint Protection

Tech Specs

Intercept X is available for devices running on Windows and macOS. Intercept X is the industry’s most comprehensive endpoint protection and includes the options for powerful extended detection and response (XDR) and a fully managed threat response (MTR) service.

For further information please see the Intercept X datasheetMac datasheet and XDR datasheet.

Get details on system requirements and supported operating systems in the Windows and macOS articles.

Features

Intercept X Advanced

Intercept X Advanced with XDR

Intercept X Advanced with MTR Standard

Intercept X Advanced with MTR Advanced

ATTACK SURFACE
Web Security

 

 

 

 

Download Reputation

 

 

 

 

Web Control / Category-based URL Blocking

 

 

 

 

Peripheral Control

 

 

 

 

Application Control

 

 

 

 

BEFORE IT RUNS ON DEVICE
Deep Learning Malware Detection

 

 

 

 

Anti-Malware File Scanning

 

 

 

 

Live Protection

 

 

 

 

Pre-execution Behavior Analysis (HIPS)

 

 

 

 

Potentially Unwanted Application (PUA) Blocking

 

 

 

 

Intrusion Prevention System

 

 

 

 

STOP RUNNING THREAT
Data Loss Prevention

 

 

 

 

Runtime Behavior Analysis (HIPS)

 

 

 

 

Antimalware Scan Interface (AMSI)

 

 

 

 

Malicious Traffic Detection (MTD)

 

 

 

 

Exploit Prevention

 

 

 

 

Active Adversary Mitigations

 

 

 

 

Ransomware File Protection (CryptoGuard)

 

 

 

 

Disk and Boot Record Protection (WipeGuard)

 

 

 

 

Man-in-the-Browser Protection (Safe Browsing)

 

 

 

 

Enhanced Application Lockdown

 

 

 

 

DETECT
Live Discover (Cross Estate SQL Querying for Threat Hunting & IT Security Operations Hygiene)  

 

 

 

SQL Query Library (pre-written, fully customizable queries) Suspicious Events Detection and Prioritization  

 

 

 

Suspicious Events Detection and Prioritization  

 

 

 

Fast Access, On-disk Data Storage (up to 90 days)  

 

 

 

Cross-product Data Sources e.g. Firewall, Email (Sophos XDR)  

 

 

 

Cross-product Querying (Sophos XDR)  

 

 

 

Sophos Data Lake Cloud Storage  

30 days

30 days

30 days

Scheduled Queries  

 

 

 

INVESTIGATE
Threat Cases (Root Cause Analysis)

 

 

 

 

Deep Learning Malware Analysis  

 

 

 

Advanced On-demand SophosLabs Threat Intelligence  

 

 

 

Forensic Data Export  

 

 

 

REMEDIATE
Automated Malware Removal

 

 

 

 

Synchronized Security Heartbeat

 

 

 

 

Sophos Clean

 

 

 

 

Live Response (remotely investigate and take action)  

 

 

 

On-demand Endpoint Isolation  

 

 

 

Single-click “Clean and Block”  

 

 

 

HUMAN-LED THREAT HUNTING AND RESPONSE
24/7 Lead-driven Threat Hunting    

 

 

Security Health Checks    

 

 

Data Retention    

 

 

Activity Reporting    

 

 

Adversarial Detections    

 

 

Threat Neutralization & Remediation    

 

 

24/7 Lead-less Threat Hunting      

 

Threat Response Team Lead      

 

Direct Call-in Support      

 

Proactive Security Posture Management      

 

ZERO TRUST NETWORK ACCESS
Integrated ZTNA agent

 

 

 

 

ZTNA Access Policy and Control Optional Optional Optional Optional

 

For supported Linux features see the license guide.