Intercept X Tech Specs

Intercept X is available for devices running Windows 7 and above (32- or 64-bit) and macOS. Intercept X is the industry’s most comprehensive endpoint protection built to stop the widest range of threats. Intercept X Advanced combines the capabilities of Intercept X and Central Endpoint into a single solution and single agent. Intercept X Advanced with EDR also integrates intelligent endpoint detection and response (EDR). It is managed by our unified console, Sophos Central. No servers to build—just log in to download the agent and configure all your policies from one place.

For additional information, please read the Sophos Intercept X datasheet or the Sophos Intercept X Advanced with EDR datasheet.

Get the full system requirements for all Sophos products at the Sophos Community.

The features listed below are all included in Sophos Intercept X Advanced with EDR.

Features
EXPLOIT PREVENTION
Enforce Data Execution Prevention
Mandatory Address Space Layout Randomization 
Bottom-up ASLR 
Null Page (Null Dereference Protection)
Heap Spray Allocation 
Dynamic Heap Spray 
Stack Pivot 
Stack Exec (MemProt) 
Stack-based ROP Mitigations (Caller) 
Branch-based ROP Mitigations
Structured Exception Handler Overwrite (SEHOP)
Import Address Table Filtering (IAF) 
Load Library 
Reflective DLL Injection 
Shellcode 
VBScript God Mode 
Wow64 
Syscall 
Hollow Process 
DLL Hijacking 
Squiblydoo Applocker Bypass 
APC Protection (Double Pulsar / AtomBombing)
Process Privilege Escalation
ACTIVE ADVERSARY MITIGATIONS
Credential Theft Protection 
Code Cave Mitigation
Man-in-the-Browser Protection (Safe Browsing) 
Malicious Traffic Detection
Meterpreter Shell Detection
ANTIRANSOMWARE
Ransomware File Protection (CryptoGuard) 
Automatic file recovery (CryptoGuard)
Disk and Boot Record Protection (WipeGuard)
APPLICATION LOCKDOWN
Web Browsers (including HTA) 
Web Browser Plugins
Java 
Media Applications 
Office Applications
DEEP LEARNING
Deep Learning Malware Detection
Deep Learning Potentially Unwanted Applications (PUA) Blocking
False Positive Suppression
Live Protection
RESPOND, INVESTIGATE, REMOVE
Root Cause Analysis
Sophos Clean
Synchronized Security Heartbeat
ENDPOINT DETECTION AND RESPONSE (EDR)
Cross Estate Threat Searching
Guided Investigations
EDR Deep Learning Malware Analysis
On-demand SophosLabs Threat Intelligence
Forensic Data Export
Endpoint Isolation
DEPLOYMENT
Can run as standalone agent
Can run alongside existing antivirus
Can run as component of existing Sophos Endpoint agent
Windows 7
Windows 8
Windows 8.1
Windows 10
macOS*

* Features supported: CryptoGuard, Malicious Traffic Detection, Synchronized Security Heartbeat, Root Cause Analysis

CENTRAL ENDPOINT / INTERCEPT X / INTERCEPT X ADVANCED / INTERCEPT X ADVANCED WITH EDR
ATTACK SURFACE REDUCTION
Web Security
Download Reputation
Web Control / Category-based URL Blocking
Peripheral Control (e.g. USB)
Application Control
BEFORE IT RUNS ON DEVICE
Deep Learning Malware Detection
Anti-Malware File Scanning
Live Protection
Pre-execution Behavior Analysis (HIPS)
Potentially Unwanted Application (PUA) Blocking
Data Loss Prevention
Exploit Prevention
STOP RUNNING THREAT
Runtime Behavior Analysis (HIPS)
Malicious Traffic Detection (MTD)
Active Adversary Mitigations
Ransomware File Protection (CryptoGuard)
Disk and Boot Record Protection (WipeGuard)
Man-in-the-Browser Protection (Safe Browsing)
INVESTIGATE AND REMOVE
Automated Malware Removal
Synchronized Security Heartbeat
Root Cause Analysis
Sophos Clean
Cross Estate Threat Searching
Guided Investigations
EDR Deep Learning Malware Analysis
On-demand SophosLabs Threat Intelligence
Forensic Data Export
Endpoint Isolation

*Not all features are supported on all operating systems