Which AV solution? Sophos or Webroot

I’m trying to compare the two solutions: Webroot anywhere secure with DNS protection or Sophos InterceptX advanced with EDR.
I do have a Sophos Firewall, but I’ve been using Webroot for now and just tested InterceptX and I have to decide which route to take.


Does anyone have any recommendations?
Dan (Network Engineer) asked:

DIPRAJ commented:
You can get different antivirus solutions and can get different advice from different persons.
No AV is perfect; every one has its limits.

But Webroot is better in the case of ransomware... also in crypto ransomware... I prefer Webroot a little bit more than InterceptX.

madunix (Chief Information Officer) commented:
Most modern AV solutions offer real-time scanning protection, running in the background always. This helps keep users protected without needing to remember to run a scan every time. However, these scanners are highly dependent on updating signatures every day so as not to lag behind new exploits discovered in the net. Failing to keep these solutions updated could make them practically useless.  Some additional features could be included:
• Built-in firewall functionality.
• Intrusion detection system (IDS)/intrusion prevention system (IPS) functionality.
• Application whitelisting/blacklisting functionality.

btan (Exec Consultant) commented:
I think you should be asking what security objective you need to achieve, and thereafter look at the "want" or so-called good to have. Buying a security product solely by comparison may not be an apple to orange comparison if you do not even state what the baseline requirements are. If it is AV replacement then either one is alright, but I believe you should be looking deeper into the needs from the IT or Ops angle of your company, as I doubt it is an individual interest.

Requirements can be to:
  1. block sophisticated malware ("fileless" type) or APT attacks (targeted attacks using zero days etc.), or
  2. simply block ransomware-type malice that sabotages the machine, or
  3. detect early any anomalies of indicators of compromise in the machine that may be due to cryptomining malware, or
  4. handle threats that have no footprint and run only in memory, or
  5. trace how a threat comes from a USB drive, with comprehensive activity recording capability to allow forensics to be done, or
  6. check for IOCs or signatures from announced public threats, more of the threat hunting genre,
... the list goes on.

It is good to have the requirements, then review the product again for any limitations or gaps in addressing the capability needed...

Dan (Network Engineer, author) commented:
Btan, good points, so which product meets all the specs you mentioned?

btan (Exec Consultant) commented:
I will go with an anti-malware (e.g. Malwarebytes) and level it up with an EDR solution (e.g. Carbon Black). What is lacking then is a host intrusion prevention system (HIPS), for which Symantec Endpoint is one option.

Coming back, Webroot is more of the HIPS approach as it also acts as a gatekeeper to the traffic going out and coming in. It secures the connection and remote access, wired or wireless. For Sophos, it is more an anti-malware with good ransomware prevention capability, and I am not aware of the EDR aspect, but if it has it, the endpoint security will definitely be a value add.

If I were to choose, Sophos protecting the endpoint will be more assuring with EDR. But when it comes to traffic analysis and secure connection, Webroot may have an edge.

I did not delve deep, as I think you can ask the tech sales to do that for you with those requirements.

Dan (Network Engineer, author) commented:
Thanks guys for your input.