Intercept X is available for devices running on Windows and macOS. Intercept X is the industry’s most comprehensive endpoint protection and includes options for powerful endpoint detection and response (EDR) and extended detection and response (XDR).
Get details on system requirements and supported operating systems in the Windows and macOS articles.
| Features | Intercept X Advanced | Intercept X Advanced with XDR | Intercept X Advanced with MDR | Intercept X Advanced with MDR Complete |
|---|
| ATTACK SURFACE | ||||
| Web Security | ✓ | ✓ | ✓ | ✓ |
| Download Reputation | ✓ | ✓ | ✓ | ✓ |
| Web Control / Category-based URL Blocking | ✓ | ✓ | ✓ | ✓ |
| Peripheral Control | ✓ | ✓ | ✓ | ✓ |
| Application Control | ✓ | ✓ | ✓ | ✓ |
| BEFORE IT RUNS ON DEVICE | ||||
| Deep Learning Malware Detection | ✓ | ✓ | ✓ | ✓ |
| Anti-Malware File Scanning | ✓ | ✓ | ✓ | ✓ |
| Live Protection | ✓ | ✓ | ✓ | ✓ |
| Pre-execution Behavior Analysis (HIPS) | ✓ | ✓ | ✓ | ✓ |
| Potentially Unwanted Application (PUA) Blocking | ✓ | ✓ | ✓ | ✓ |
| Intrusion Prevention System | ✓ | ✓ | ✓ | ✓ |
| STOP RUNNING THREAT | ||||
| Data Loss Prevention | ✓ | ✓ | ✓ | ✓ |
| Runtime Behavior Analysis (HIPS) | ✓ | ✓ | ✓ | ✓ |
| Antimalware Scan Interface (AMSI) | ✓ | ✓ | ✓ | ✓ |
| Malicious Traffic Detection (MTD) | ✓ | ✓ | ✓ | ✓ |
| Exploit Prevention | ✓ | ✓ | ✓ | ✓ |
| Active Adversary Mitigations | ✓ | ✓ | ✓ | ✓ |
| Ransomware File Protection (CryptoGuard) | ✓ | ✓ | ✓ | ✓ |
| Disk and Boot Record Protection (WipeGuard) | ✓ | ✓ | ✓ | ✓ |
| Man-in-the-Browser Protection (Safe Browsing) | ✓ | ✓ | ✓ | ✓ |
| Enhanced Application Lockdown | ✓ | ✓ | ✓ | |
| DETECT | ||||
| Live Discover (Cross Estate SQL Querying for Threat Hunting & IT Security Operations Hygiene) | ✓ | ✓ | ✓ | |
| SQL Query Library (pre-written, fully customizable queries) Suspicious Events Detection and Prioritization | ✓ | ✓ | ✓ | |
| Suspicious Events Detection and Prioritization | ✓ | ✓ | ✓ | |
| Fast Access, On-disk Data Storage (up to 90 days) | ✓ | ✓ | ✓ | |
| Cross-product Data Sources e.g. Firewall, Email (Sophos XDR) | ✓ | ✓ | ✓ | |
| Cross-product Querying (Sophos XDR) | ✓ | ✓ | ✓ | |
| Sophos Data Lake Cloud Storage | 30 days | 30 days | 30 days | |
| Scheduled Queries | ✓ | ✓ | ✓ | |
| INVESTIGATE | ||||
| Threat Cases (Root Cause Analysis) | ✓ | ✓ | ✓ | ✓ |
| Deep Learning Malware Analysis | ✓ | ✓ | ✓ | |
| Advanced On-demand SophosLabs Threat Intelligence | ✓ | ✓ | ✓ | |
| Forensic Data Export | ✓ | ✓ | ✓ | |
| REMEDIATE | ||||
| Automated Malware Removal | ✓ | ✓ | ✓ | ✓ |
| Synchronized Security Heartbeat | ✓ | ✓ | ✓ | ✓ |
| Sophos Clean | ✓ | ✓ | ✓ | ✓ |
| Live Response (remotely investigate and take action) | ✓ | ✓ | ✓ | |
| On-demand Endpoint Isolation | ✓ | ✓ | ✓ | |
| Single-click “Clean and Block” | ✓ | ✓ | ✓ | |
| HUMAN-LED THREAT HUNTING AND RESPONSE | ||||
| 24/7 Lead-driven Threat Hunting | ✓ | ✓ | ||
| Security Health Checks | ✓ | ✓ | ||
| Data Retention | ✓ | ✓ | ||
| Activity Reporting | ✓ | ✓ | ||
| Adversarial Detections | ✓ | ✓ | ||
| Threat Neutralization & Remediation | ✓ | ✓ | ||
| Full-scale Incident Response: threats are fully eliminated (Requires full Sophos XDR agent (protection, detection and response) ) | ✓ | |||
| Root Cause Analysis: performed to prevent future recurrence | ✓ | |||
| Dedicated Incident Response Lead | ✓ | |||
| Proactive Security Posture Management | ✓ | |||
| Buy Intercept X | Buy Intercept X with XDR | Buy Intercept X with MTR | Buy Intercept X with MTR Adv | |