Sophos MDR Reviews & Product Details

What I appreciate most about Sophos MDR is that, essentially, I have a team of cybersecurity experts watching my network 24/7, without needing to hire my own staff. Let's be honest: I don't have the budget or the knowledge to maintain a security team that is alert at 3 in the morning monitoring threats.

What really gives me peace of mind is that they not only detect suspicious activities, but they also act immediately. I've been through a couple of situations where they notified me that they had blocked something suspicious and had already taken action before I even found out. It's like having a digital bodyguard that never rests.

Moreover, something that seems simple but is extremely valuable: the alerts I receive make sense. It's not a bombardment of incomprehensible technical notifications that only overwhelm. They clearly explain what happened, what actions they took, and if I need to do anything on my part. For someone who doesn't work in cybersecurity all day, that's priceless. It allows me to focus on my business, knowing that aspect is in the hands of professionals. Review collected by and hosted on G2.com.

Honestly, what impacts me the most is the price. It's not cheap at all, and for a small or medium-sized company like ours, it represents a considerable investment that really affects the monthly budget. Sometimes I question whether we really need such a high level of protection or if we're overpaying, although then I remember the scares we've had and my doubts fade away.

Another thing that frustrates me is the feeling of being too dependent on them. I feel like I've lost some direct control over our own infrastructure. If I want to make any changes or adjust the security settings, I have to request it from their team. Although they usually respond quickly, it's not the same as being able to do it myself at the moment I need it.

Also, at the beginning, the learning curve was quite steep. We had to modify some internal processes and there was some friction with the IT team, as they felt they were being "replaced" or supervised. That created tensions that we had to resolve with a lot of diplomacy.

Lastly, the monthly reports are sometimes too technical. When I have to present them to the board of directors, they don't want to see terms like "IOCs" or "lateral movement"; what they want to know, in clear and simple Spanish, is whether we are protected or not. Review collected by and hosted on G2.com.

What I value most about Sophos MDR is the speed with which it identifies and responds to incidents. The team conducts constant monitoring 24 hours a day, 7 days a week, and maintains clear communication, which gives me a lot of peace of mind and helps reduce risks. Review collected by and hosted on G2.com.

The only thing that doesn't convince me is that certain notifications are somewhat technical, and to understand all the details, it's necessary to check the console. It would be better if it were more accessible for those who don't have technical knowledge. Review collected by and hosted on G2.com.

What I like best is peace of mind. The human layer on top of software detection so that if something is off, its investigated instead of juust generating noise. Review collected by and hosted on G2.com.

Obviously cost is an isssue, it's much more pricey than some other services. Also, there's a pretty big learning curve especially if you're not already in the Sophos ecosystem. Review collected by and hosted on G2.com.

best thing is that it is centerlized and if any attack or virus detedted it islotae the system then admin can review all log from central port Review collected by and hosted on G2.com.

there is no depth of exclusion if want exlude all subdomain can not use *.domian.com need to manualy define all URL and for some custom app or script that you have to define fix path location otherwise MDR blocck and remove that Review collected by and hosted on G2.com.

Sophos MDR is a great product. I love how easy it is to manage and also I love how the licensing works for the product. The controls are very granular and can be setup differently for different users, groups and computers/devices. You can sync all of your active directory users and groups so that you have more control over which users cand which devices have more strict controls and it allows for website filtering and device control. Also when combined with Sophos Intercept-X it is one of the best solutions to monitor for potential Ransomware attacks. Review collected by and hosted on G2.com.

Logging into Sophos Central to manage Sophos MDR can be a bit slow and painful at first as there is so many features and options, site navigation can be a bit slow. Also the amount of options for implementation at first can be a bit daunting. Review collected by and hosted on G2.com.

Sophos 24/7 MDR was such a great move for us, we have over 300 users in almost every continent and a very small IT team. The level of comfort and security the MDR product has provided to us is immeasurable. With a centralised platform that is intuitive to use and simple to get how to guides for, it's a de-cluttered space that allows us to focus on the actual issues. The professional services team spend a good amount of time ensuring it is setup correctly and that you are supported as you stand up the products. Injecting our 365 defender logs into their datalake takes care of an additional platform we no longer have to check. Authorising the team to be able to take action when it is out of hours gives a level of trust that we are without doubt more secure with it than without it. I like that the same team of service leader and engineer are still working with us beyond the initial sales and implementation stages so we are not wasting time going over historical issues. Review collected by and hosted on G2.com.

While the professional services team do ensure your on-boarding is seamless, a little gap of maybe understanding our environment more would cause a few less false positives. We have global users that access our CRM platform via AVD and this is all hosted in Azure UK, if that had been taken into account at the start, there would be less tickets created for these users accessing from different geographical locations. This is a very minor problem that maybe more complex companies would maybe be larger for them. Review collected by and hosted on G2.com.

The most useful thing is to have a team of experts working in the background, detecting and responding to incidents before they become serious problems. The 24/7 analysis capability, detailed reports, and smooth communication with the Sophos team make a big difference. Review collected by and hosted on G2.com.

Overall, the experience has been very good, but if there's something I would improve, it would be that some reports could be presented in a simpler way so that non-technical people can also understand them without difficulty. Sometimes the amount of technical information can be overwhelming if one is not familiar with certain terms. Review collected by and hosted on G2.com.

What I like most about Sophos MDR is the 24/7 expert monitoring and rapid response to real threats. The service gives us peace of mind knowing that a skilled team is actively hunting, detecting, and neutralizing threats around the clock—even when our internal IT team is offline.

Their proactive threat hunting and clear, actionable guidance during incidents make a huge difference in minimizing downtime and reducing risk. The integration with Sophos Central also gives us a unified view of our security landscape, making it easier to track threats and overall activity.

In short, the combination of human expertise with powerful technology is what truly sets Sophos MDR apart. Review collected by and hosted on G2.com.

What I dislike most about Sophos MDR is that sometimes the volume of alerts can be overwhelming, especially during periods of heightened threat activity. While the team does a great job filtering and prioritizing, it can occasionally be challenging for our internal team to keep up with all notifications and follow-ups.

Additionally, there can be occasional delays in communication when detailed investigation is needed, which can slow down incident resolution in complex cases.

Finally, more customizable reporting options would be helpful to better align with specific organizational needs and compliance requirements. Review collected by and hosted on G2.com.

What I like best about Sophos MDR is the 24/7 expert-led threat monitoring and response, which ensures that potential security incidents are swiftly identified, investigated, and neutralized—even outside business hours. The combination of real-time alerts, detailed reporting, and human-led analysis provides a high level of confidence in our overall security posture. Additionally, the integration with our existing Sophos ecosystem makes deployment and management seamless. Review collected by and hosted on G2.com.

What I dislike about Sophos MDR is that while the threat detection and response are excellent, the alert notification system can sometimes be overly sensitive, generating a high volume of low-priority alerts that require filtering. Additionally, the initial onboarding process could be more streamlined, especially when integrating with third-party tools or existing SIEM solutions. Some advanced customization options are also limited unless you're on the higher-tier service. Review collected by and hosted on G2.com.

What I like most about MDR is that they are monitoring my equipment 24/7 on security issues. This helps me focus on internal matters and my users, and not only that, if a finding occurs, they notify me even by phone call depending on the criticality. Also, what I like is the easy use of the management console. Review collected by and hosted on G2.com.

It would only be a point that communication with the engineers is only in English. Review collected by and hosted on G2.com.