# Sophos MDR Reviews **Vendor:** Sophos **Category:** [Managed Detection and Response (MDR) Software](https://www.g2.com/categories/managed-detection-and-response-mdr) **Average Rating:** 4.7/5.0 **Total Reviews:** 506 ## About Sophos MDR Sophos Managed Detection and Response (MDR) is a fully managed service delivered by experts who detect and respond to cyberattacks targeting your computers, servers, networks, cloud workloads, email accounts, backups, and more. Our highly skilled security analysts stop advanced human-led attacks and take immediate action to neutralize threats before they can disrupt your business operations or compromise your sensitive data. ## Sophos MDR Pros & Cons **What users like:** - Users value the **proactive threat detection** of Sophos MDR, ensuring effective security management across their endpoints. (22 reviews) - Users value the **24/7 continuous monitoring** of Sophos MDR, ensuring prompt alerts and enhanced network security. (21 reviews) - Users praise the **ease of use** of Sophos MDR, highlighting smooth management and seamless integration with existing systems. (21 reviews) - Users value the **24/7 expert monitoring** of Sophos MDR, providing uninterrupted security and peace of mind against threats. (13 reviews) - Users value the **quick response time** of Sophos MDR, appreciating timely incident notifications and expert actions. (13 reviews) - Investigation (12 reviews) - Reliability (12 reviews) - Users value the **24/7 availability** of Sophos MDR, ensuring constant protection and expert action against threats. (11 reviews) - Visibility (10 reviews) - Users value the **24/7 customer support** of Sophos MDR, providing expert assistance and peace of mind regarding security. (9 reviews) **What users dislike:** - Users find Sophos MDR **expensive** , making it challenging for smaller organizations to adopt its advanced features. (8 reviews) - Users express concerns about **communication issues** in Sophos MDR, citing slow response times and overwhelming alert volumes. (7 reviews) - Users find the **limited customization** in Sophos MDR restrictive, preferring more flexibility in response workflows and alerts. (7 reviews) - Users face **complex integration challenges** with Sophos MDR, hindering real-time collaboration and alerting workflows. (6 reviews) - Users often find the **poor reporting** of Sophos MDR to be overwhelming and not user-friendly for non-IT stakeholders. (6 reviews) - Slow Performance (4 reviews) - Difficult Navigation (3 reviews) - Users often experience **false positives** , although community boards help clarify underlying issues and mechanics. (3 reviews) - High Resource Usage (3 reviews) - Users experience **implementation challenges** due to prolonged setup, extensive communication, and ongoing administration requirements. (3 reviews) ## Sophos MDR Reviews ### 1. Feels Like a Real 24/7 Security Team Backing You Up **Rating:** 4.0/5.0 stars **Reviewed by:** Harsh K. | Technical Consultant, Mid-Market (51-1000 emp.) **Reviewed Date:** April 24, 2026 **What do you like best about Sophos MDR?** What I like most about Sophos MDR is that it genuinely feels like having a real security team backing you up 24/7, rather than just another tool that throws alerts at you. It takes a lot of pressure off because it actually investigates and responds to threats, instead of leaving you to handle everything on your own. **What do you dislike about Sophos MDR?** What I dislike is that the initial setup and fine-tuning can feel a bit complex at first, especially if you’re new to MDR services. Also, some of the deeper insights and controls seem limited unless you’re fully invested in the Sophos ecosystem. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR helps us address the ongoing challenge of monitoring for threats and responding quickly without needing a large in-house security team. It reduces alert fatigue, speeds up incident response, and gives us confidence that threats are being actively managed around the clock. ### 2. Total Peace of Mind with Sophos MDR: 24/7 Security and Clear Alerts **Rating:** 5.0/5.0 stars **Reviewed by:** vladimir C. | Infrastructure Security analist, Transportation/Trucking/Railroad, Mid-Market (51-1000 emp.) **Reviewed Date:** December 17, 2025 **What do you like best about Sophos MDR?** What I appreciate most about Sophos MDR is that, essentially, I have a team of cybersecurity experts watching my network 24/7, without needing to hire my own staff. Let's be honest: I don't have the budget or the knowledge to maintain a security team that is alert at 3 in the morning monitoring threats. What really gives me peace of mind is that they not only detect suspicious activities, but they also act immediately. I've been through a couple of situations where they notified me that they had blocked something suspicious and had already taken action before I even found out. It's like having a digital bodyguard that never rests. Moreover, something that seems simple but is extremely valuable: the alerts I receive make sense. It's not a bombardment of incomprehensible technical notifications that only overwhelm. They clearly explain what happened, what actions they took, and if I need to do anything on my part. For someone who doesn't work in cybersecurity all day, that's priceless. It allows me to focus on my business, knowing that aspect is in the hands of professionals. **What do you dislike about Sophos MDR?** Honestly, what impacts me the most is the price. It's not cheap at all, and for a small or medium-sized company like ours, it represents a considerable investment that really affects the monthly budget. Sometimes I question whether we really need such a high level of protection or if we're overpaying, although then I remember the scares we've had and my doubts fade away. Another thing that frustrates me is the feeling of being too dependent on them. I feel like I've lost some direct control over our own infrastructure. If I want to make any changes or adjust the security settings, I have to request it from their team. Although they usually respond quickly, it's not the same as being able to do it myself at the moment I need it. Also, at the beginning, the learning curve was quite steep. We had to modify some internal processes and there was some friction with the IT team, as they felt they were being "replaced" or supervised. That created tensions that we had to resolve with a lot of diplomacy. Lastly, the monthly reports are sometimes too technical. When I have to present them to the board of directors, they don't want to see terms like "IOCs" or "lateral movement"; what they want to know, in clear and simple Spanish, is whether we are protected or not. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR solves my biggest problem: not having the staff or specialized knowledge to defend my company from real cyber attacks. Before hiring them, I slept poorly thinking "what if we get hacked tomorrow and we don't even realize it until it's too late?" We had basic antivirus, firewall, the usual, but I knew that was no longer enough with how sophisticated attacks are nowadays. The direct benefit is that now I have an expert team actively hunting threats in my network. They don't wait for an alarm to go off - they are looking for strange behaviors, suspicious patterns, things I would never know how to identify. A few months ago they detected a ransomware attempt that was silently moving through the network. They neutralized it before it encrypted anything. If we had relied solely on our internal team, we probably would have realized it when everything was already encrypted and with a ransom note on the screen. It also solves the problem of regulatory compliance. I work with sensitive customer data and need to demonstrate that I have serious security measures. Sophos MDR gives me the documentation and reports I need for audits and certifications. And perhaps the most valuable: it gives me time. Before, my IT manager spent his time putting out security fires. Now he can focus on projects that really grow the business, while Sophos takes care of keeping us protected. That's a return on investment that doesn't appear on any spreadsheet but that I feel every day. ### 3. 24/7 coverage and incident response ideal for companies without an internal SOC **Rating:** 5.0/5.0 stars **Reviewed by:** Eric Q. | Administrador de Ciberseguridad, Enterprise (> 1000 emp.) **Reviewed Date:** March 12, 2026 **What do you like best about Sophos MDR?** Utility: 24/7 coverage before incident response for teams or institutions that do not have an active or mature SOC, or for those who cannot hire an internal cybersecurity team to address complex threats. **What do you dislike about Sophos MDR?** For now, there is nothing to dislike; the service offered by MDR Sophos is positive and its use has translated into fewer risks, costs, and protection for the institution's image. **What problems is Sophos MDR solving and how is that benefiting you?** Continuous protection, quick incident response, human resource optimization, scalability, and integration with other information sources. Additionally, it allows sending logs to the Data Lake for better visualization and event analysis. ### 4. Quick Response and 24/7 Monitoring that Provide Peace of Mind **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Financial Services | Mid-Market (51-1000 emp.) **Reviewed Date:** December 10, 2025 **What do you like best about Sophos MDR?** What I value most about Sophos MDR is the speed with which it identifies and responds to incidents. The team conducts constant monitoring 24 hours a day, 7 days a week, and maintains clear communication, which gives me a lot of peace of mind and helps reduce risks. **What do you dislike about Sophos MDR?** The only thing that doesn't convince me is that certain notifications are somewhat technical, and to understand all the details, it's necessary to check the console. It would be better if it were more accessible for those who don't have technical knowledge. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR has allowed us to identify and respond to threats in real time, something we couldn't achieve as quickly internally. Thanks to this, we have reduced risks, avoided serious incidents, and can operate more securely without the need for our own SOC. ### 5. Peace of Mind with Proactive Human Oversight **Rating:** 5.0/5.0 stars **Reviewed by:** Andy K. | Vice President, Small-Business (50 or fewer emp.) **Reviewed Date:** December 16, 2025 **What do you like best about Sophos MDR?** What I like best is peace of mind. The human layer on top of software detection so that if something is off, its investigated instead of juust generating noise. **What do you dislike about Sophos MDR?** Obviously cost is an isssue, it's much more pricey than some other services. Also, there's a pretty big learning curve especially if you're not already in the Sophos ecosystem. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR solves the problem of limited time and expertise to monitor and respond to threats around the clock. We're able to deploy enterprise level protection to smaller businesses and it adds a credibility to my team. ### 6. Centralized Security and Effortless Threat Isolation **Rating:** 4.5/5.0 stars **Reviewed by:** shiv k. | DevSecOps, Mid-Market (51-1000 emp.) **Reviewed Date:** December 27, 2025 **What do you like best about Sophos MDR?** best thing is that it is centerlized and if any attack or virus detedted it islotae the system then admin can review all log from central port **What do you dislike about Sophos MDR?** there is no depth of exclusion if want exlude all subdomain can not use *.domian.com need to manualy define all URL and for some custom app or script that you have to define fix path location otherwise MDR blocck and remove that **What problems is Sophos MDR solving and how is that benefiting you?** all device log are centlized and i can apply policy from a cental point to all endpoints ### 7. Easy Management and Strong Ransomware Detection in Sophos MDR **Rating:** 5.0/5.0 stars **Reviewed by:** John R. | I.T. Administrator, Mid-Market (51-1000 emp.) **Reviewed Date:** August 11, 2025 **What do you like best about Sophos MDR?** Sophos MDR is a great product. I love how easy it is to manage and also I love how the licensing works for the product. The controls are very granular and can be setup differently for different users, groups and computers/devices. You can sync all of your active directory users and groups so that you have more control over which users cand which devices have more strict controls and it allows for website filtering and device control. Also when combined with Sophos Intercept-X it is one of the best solutions to monitor for potential Ransomware attacks. **What do you dislike about Sophos MDR?** Logging into Sophos Central to manage Sophos MDR can be a bit slow and painful at first as there is so many features and options, site navigation can be a bit slow. Also the amount of options for implementation at first can be a bit daunting. **What problems is Sophos MDR solving and how is that benefiting you?** Ransomeware detection was a huge point for us and Sophos MDR combined with Sophos Intercept-X is very good at ransomeware detection. Also, the licensing for Sophos MDR is very straight forward and easy to understand. The way the license their products fit very well for our medium sized business. ### 8. Sophos MDR gives us the confidence that we are as secure as possible 24/7 all around the world. **Rating:** 5.0/5.0 stars **Reviewed by:** LAURENCE B. | Lead Infrastructure Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** August 11, 2025 **What do you like best about Sophos MDR?** Sophos 24/7 MDR was such a great move for us, we have over 300 users in almost every continent and a very small IT team. The level of comfort and security the MDR product has provided to us is immeasurable. With a centralised platform that is intuitive to use and simple to get how to guides for, it's a de-cluttered space that allows us to focus on the actual issues. The professional services team spend a good amount of time ensuring it is setup correctly and that you are supported as you stand up the products. Injecting our 365 defender logs into their datalake takes care of an additional platform we no longer have to check. Authorising the team to be able to take action when it is out of hours gives a level of trust that we are without doubt more secure with it than without it. I like that the same team of service leader and engineer are still working with us beyond the initial sales and implementation stages so we are not wasting time going over historical issues. **What do you dislike about Sophos MDR?** While the professional services team do ensure your on-boarding is seamless, a little gap of maybe understanding our environment more would cause a few less false positives. We have global users that access our CRM platform via AVD and this is all hosted in Azure UK, if that had been taken into account at the start, there would be less tickets created for these users accessing from different geographical locations. This is a very minor problem that maybe more complex companies would maybe be larger for them. **What problems is Sophos MDR solving and how is that benefiting you?** Phishing attacks, MITM attacks, data loss, and credential theft. ### 9. Active and reliable protection with real human support **Rating:** 4.5/5.0 stars **Reviewed by:** Jeury S. | Analista de Ciberseguridad y Vulnerabilidades, Banking, Mid-Market (51-1000 emp.) **Reviewed Date:** August 07, 2025 **What do you like best about Sophos MDR?** The most useful thing is to have a team of experts working in the background, detecting and responding to incidents before they become serious problems. The 24/7 analysis capability, detailed reports, and smooth communication with the Sophos team make a big difference. **What do you dislike about Sophos MDR?** Overall, the experience has been very good, but if there's something I would improve, it would be that some reports could be presented in a simpler way so that non-technical people can also understand them without difficulty. Sometimes the amount of technical information can be overwhelming if one is not familiar with certain terms. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR helps us face one of the biggest challenges we had: the lack of visibility and response to threats in real time. Before, we relied entirely on our internal capabilities, which were limited by resources and time. With Sophos MDR, we now have a specialized team that constantly monitors our infrastructure, detecting suspicious behaviors, investigating incidents, and responding quickly. This has allowed us to reduce the risk of breaches, avoid major damage, and focus on our operations without constantly worrying about potential threats. ### 10. Sophos MDR has provided us with reliable, expert 24/7 threat detection and response **Rating:** 4.5/5.0 stars **Reviewed by:** Luis P. | Cyber Security Specialist, Mid-Market (51-1000 emp.) **Reviewed Date:** August 05, 2025 **What do you like best about Sophos MDR?** What I like most about Sophos MDR is the 24/7 expert monitoring and rapid response to real threats. The service gives us peace of mind knowing that a skilled team is actively hunting, detecting, and neutralizing threats around the clock—even when our internal IT team is offline. Their proactive threat hunting and clear, actionable guidance during incidents make a huge difference in minimizing downtime and reducing risk. The integration with Sophos Central also gives us a unified view of our security landscape, making it easier to track threats and overall activity. In short, the combination of human expertise with powerful technology is what truly sets Sophos MDR apart. **What do you dislike about Sophos MDR?** What I dislike most about Sophos MDR is that sometimes the volume of alerts can be overwhelming, especially during periods of heightened threat activity. While the team does a great job filtering and prioritizing, it can occasionally be challenging for our internal team to keep up with all notifications and follow-ups. Additionally, there can be occasional delays in communication when detailed investigation is needed, which can slow down incident resolution in complex cases. Finally, more customizable reporting options would be helpful to better align with specific organizational needs and compliance requirements. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR is solving the challenge of continuous, expert cybersecurity monitoring and rapid incident response, which is difficult to maintain with limited internal resources. By detecting and neutralizing threats before they cause damage, it reduces our risk of breaches and downtime. This allows our team to focus on strategic initiatives while knowing our environment is proactively protected around the clock, ultimately improving our overall security posture and operational efficiency. ### 11. Sophos MDR offers a robust and responsive managed detection and response service. **Rating:** 4.5/5.0 stars **Reviewed by:** Arturo G. | Gerente de Operaciones de TI, Mid-Market (51-1000 emp.) **Reviewed Date:** July 29, 2025 **What do you like best about Sophos MDR?** What I like best about Sophos MDR is the 24/7 expert-led threat monitoring and response, which ensures that potential security incidents are swiftly identified, investigated, and neutralized—even outside business hours. The combination of real-time alerts, detailed reporting, and human-led analysis provides a high level of confidence in our overall security posture. Additionally, the integration with our existing Sophos ecosystem makes deployment and management seamless. **What do you dislike about Sophos MDR?** What I dislike about Sophos MDR is that while the threat detection and response are excellent, the alert notification system can sometimes be overly sensitive, generating a high volume of low-priority alerts that require filtering. Additionally, the initial onboarding process could be more streamlined, especially when integrating with third-party tools or existing SIEM solutions. Some advanced customization options are also limited unless you're on the higher-tier service. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR provides 24/7 expert threat detection and response, reducing risk, saving internal resources, and improving our overall security posture. ### 12. EFFECTIVE IN SECURITY MATTERS **Rating:** 5.0/5.0 stars **Reviewed by:** Javier P. | Ingeniero de soporte y ciberseguridad, Mid-Market (51-1000 emp.) **Reviewed Date:** August 20, 2025 **What do you like best about Sophos MDR?** What I like most about MDR is that they are monitoring my equipment 24/7 on security issues. This helps me focus on internal matters and my users, and not only that, if a finding occurs, they notify me even by phone call depending on the criticality. Also, what I like is the easy use of the management console. **What do you dislike about Sophos MDR?** It would only be a point that communication with the engineers is only in English. **What problems is Sophos MDR solving and how is that benefiting you?** The main problem it solves for me is that it helps me dedicate more time to internal issues of the company where I work and focus on the problems reported by my users, since the topic of monitoring and everything that involves security takes up a lot of time, and with Sophos, I don't have to worry about that. ### 13. Continuous and effective protection with Sophos MD **Rating:** 4.5/5.0 stars **Reviewed by:** jefferson j. | Analista de Ciberseguridad y Vulnerabilidades, Mid-Market (51-1000 emp.) **Reviewed Date:** August 04, 2025 **What do you like best about Sophos MDR?** What I like most about Sophos MDR is its 24/7 monitoring with active response to real threats, which provides an additional layer of protection that goes beyond what we could cover internally. The Sophos analyst team acts quickly before incidents, communicates clearly, and collaborates directly in mitigation actions. **What do you dislike about Sophos MDR?** What I like least about Sophos MDR is that some custom configurations and fine-tuning of alerts require additional support or intervention, which can slow down certain processes. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR primarily addresses the difficulty of quickly detecting and responding to advanced threats and sophisticated attacks that could go unnoticed with traditional tools. By offering 24/7 monitoring by security experts and managed response, it significantly reduces detection and mitigation time, minimizing the impact of incidents on the organization. ### 14. Security without the hassle **Rating:** 5.0/5.0 stars **Reviewed by:** Jonathan W. | Systems Administrator, Mid-Market (51-1000 emp.) **Reviewed Date:** July 11, 2025 **What do you like best about Sophos MDR?** The Sophos GUI. It's every easy for you to navigate through the site and find what you need. I really like how ease of use it is when it comes to troubleshooting vulnerable users or machines. You can easily find the problem due to advanced features from the integrations they implemented. I've had to reach out to the customer support several times in order to fix a compromised user or machine; they've been extremely helpful. I came into the organization with Sophos already deployed, so I'm not sure how easy it was to implement but maintaining it has been a breeze. **What do you dislike about Sophos MDR?** I've had one issue where I had to submit a ticket on a user that was compromised, I ended up submitting the wrong location and it took a day for Sophos to change it to the right support. That day in-between could've had serious consequences with our environment. It happens but I learned the right team and how to submit the problem right away to protect ourselves. **What problems is Sophos MDR solving and how is that benefiting you?** Security, that's mainly what we needed and it's what Sophos has delivered on. We need to make sure that we are secure as we are a law firm that has to deal a lot with Law and ensure customer confidentiality. With Sophos I feel like we have that security and that ability to provide that confidentiality. ### 15. Reliable and user-friendly security solution for 6 years - absolutely recommended **Rating:** 4.5/5.0 stars **Reviewed by:** Manfred O. | CIO, Small-Business (50 or fewer emp.) **Reviewed Date:** July 11, 2025 **What do you like best about Sophos MDR?** What I like best about Sophos MDR is the seamless integration into the entire Sophos security platform and the user-friendly operation. The MDR system works reliably in the background and provides advanced threat detection without requiring complex configurations. The combination of automated monitoring and easy handling makes it a valuable component of our security strategy. **What do you dislike about Sophos MDR?** Honestly, it's hard for me to find anything negative about Sophos MDR. In the 6 years of use, there haven't been any significant problems or aspects that bothered me. The system runs stable and reliably meets all our requirements. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR solves the problem of continuous 24/7 threat monitoring for us without having to employ our own security experts. The system automatically detects suspicious activities and advanced threats that conventional antivirus solutions might miss. The greatest benefit for us is the assurance that our IT environment is proactively monitored while we can focus on our core business. The automated threat detection and response gives us a high level of security without additional administrative overhead. ### 16. Sophos MDR: Expert Security You Can Trust **Rating:** 5.0/5.0 stars **Reviewed by:** pavan m. | Technical Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** September 23, 2025 **What do you like best about Sophos MDR?** I like that Sophos MDR provides round-the-clock monitoring by real experts who not only detect threats but also take action to stop them. It feels like having a full security operations center on my side, without the need to hire one in-house. What impressed me the most about Sophos MDR is how seamlessly it blends human expertise with technology-driven insights. Instead of only relying on automated alerts, their team actively investigates unusual activities, which eliminates the typical "alert fatigue" many IT teams face. It feels less like outsourcing a service and more like extending your security team with highly skilled professionals. **What do you dislike about Sophos MDR?** Honestly, there’s very little to dislike about Sophos MDR. If I had to mention one thing, it would be that sometimes the detailed reports can be very technical for non-IT stakeholders. However, this is a minor point, as the team always provides clear explanations and guidance **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR solves the problem of alert overload and limited visibility into threats. Instead of my team chasing false positives, Sophos experts investigate and respond immediately. This reduces downtime, improves security confidence, and allows us to focus on business growth instead of chasing incidents. ### 17. Powerful and efficient at a reasonable cost. **Rating:** 5.0/5.0 stars **Reviewed by:** Andrea M. | IT Manager, Mid-Market (51-1000 emp.) **Reviewed Date:** July 08, 2025 **What do you like best about Sophos MDR?** Sophos MDR delivers continuous 24/7/365 monitoring across endpoints, servers, and network infrastructure. Its behavior-based analysis helps proactively detect and respond to indicators of compromise, significantly reducing the risk of undetected breaches. The product is easy to deploy and benefits from a clear, intuitive user interface. In case of issues, support is highly responsive and available around the clock. Its ability to integrate seamlessly with hardware from various vendors is an added advantage. **What do you dislike about Sophos MDR?** The solution is comprehensive with no significant shortcomings. If anything, response times—while generally good—could be further improved to enhance overall efficiency. **What problems is Sophos MDR solving and how is that benefiting you?** One of the major challenges for any organization is maintaining continuous visibility over a growing number of devices—especially monitoring their behavior within the LAN, WAN and toward critical servers. This task demands up-to-date cybersecurity expertise and 24/7/365 operational coverage, which can be both costly and complex to manage internally. Sophos MDR addresses this challenge effectively by delivering expert-driven threat detection and response as a managed service, reducing the need for in-house resources while ensuring enterprise-grade protection around the clock. ### 18. Sophos MDR has significantly improved our threat detection and response capabilities **Rating:** 5.0/5.0 stars **Reviewed by:** Juan N. | Service manager, Small-Business (50 or fewer emp.) **Reviewed Date:** June 23, 2025 **What do you like best about Sophos MDR?** We prefer Sophos MDR becouse it has preven to be more efficient and user-friendly than others solutions we've used, like Sentinel. And the price us another big thing, for less money you a lot more features. One od the main advantages we've expreiened is how easy it is to set up and integrate into our environment. Additionally, the response times from the sophos MDR team are noticeable faster, when an incident is detected, we recieve clear, timely communication and inmediate action is taken, This proactive and professional approach give us confidence that our systems are continuously protected by a capable and respoinsive team. **What do you dislike about Sophos MDR?** So far, we haven't found anything we truly dislike about Sophos MDR, the service as met our expectations interms of performance, maybe at the only thing, was when we start with Sophos MDR the most information was in English, but our dealer explaind us all what we need. **What problems is Sophos MDR solving and how is that benefiting you?** One ot the key problems that Sophos MDR solved for us as the inpredictability of cost. With our previus provider, Sentinel, we often didn't know the final charges until we received the invoice, which made budgeting difficult. Sophos MDR provides clear, upfront pricing, wich allows us to plan more effectively and avoid unexprected expenses. This transparency has been a mjor benefit for our organization. ### 19. Solid Security Integration with High Resource Usage **Rating:** 4.0/5.0 stars **Reviewed by:** Frank V. | Mid-Market (51-1000 emp.) **Reviewed Date:** October 15, 2025 **What do you like best about Sophos MDR?** I truly appreciate the seamless integration Sophos MDR offers with our existing Sophos products, making deployment hassle-free and straightforward. The 24/7 security coverage provides continuous monitoring and alerts us promptly to any suspicious activity, ensuring our network's safety and allowing us to track and resolve issues efficiently. The daily custom email reports further enhance our operational efficiency by keeping us regularly informed. Additionally, Sophos MDR's ability to lock down machines quickly when needed adds an extra layer of security and peace of mind. **What do you dislike about Sophos MDR?** I don't like how resource-intensive the product is, as the agent seems to use a lot of resources on machines. **What problems is Sophos MDR solving and how is that benefiting you?** I find Sophos MDR provides necessary security posture and alerts us to user activities, enhancing our security operations and giving us confidence in monitoring and threat detection. ### 20. Proactive Security and Peace of Mind with Sophos MDR. **Rating:** 5.0/5.0 stars **Reviewed by:** Pebells L. | IT Manager, Small-Business (50 or fewer emp.) **Reviewed Date:** June 20, 2025 **What do you like best about Sophos MDR?** What I like best about Sophos MDR is the peace of mind it brings by combining advanced threat detection with a highly responsive 24/7 expert team. I appreciate the proactive monitoring and rapid incident response, which allows my internal team to focus on strategic initiatives while knowing that any suspicious activity is being handled in real time. The integration with our existing Sophos solutions, including Sophos Central, makes it easy to visualize threats and take immediate action when needed. The level of visibility and control over threats, without having to manage everything manually... Is truly a game changer. **What do you dislike about Sophos MDR?** One area that could be improved is the reporting dashboard. While it provides useful insights, it lacks flexibility in customization and could benefit from more real-time analytics. Enhancing this would make it easier for different teams to extract actionable intelligence tailored to their specific needs. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR helps us address the challenge of identifying and responding to threats in real time, especially outside of business hours. It bridges the gap between detection and response by providing expert analysts who monitor and act on alerts 24/7. This has significantly reduced our response times and minimized the risk of undetected breaches. The service allows our internal team to focus on core operations while knowing that any suspicious activity is being handled immediately and professionally. ### 21. Real-Time Alerts and Easy Interface Enhance Organizational Security Measures **Rating:** 5.0/5.0 stars **Reviewed by:** Alan L. | IT Administrator, Mid-Market (51-1000 emp.) **Reviewed Date:** June 19, 2025 **What do you like best about Sophos MDR?** It's a good software to protect your company and maintain security in the organization. It's easy to use, and we receive real-time alerts and options about how to fix the issues. The threat detection and response capabilities are excellent, with a team of experts monitoring and responding 24/7, which gives us peace of mind. The dashboard is intuitive, and the reports provide clear visibility into potential risks and actions taken. Integration with other tools was straightforward, and overall, it's been a reliable and efficient solution for our security needs. **What do you dislike about Sophos MDR?** While Sophos MDR is overall a strong solution, there are a few areas for improvement. Sometimes the alerts can be a bit too frequent or not fully prioritized, which can lead to alert fatigue. Additionally, the response time from the MDR team, while usually fast, can occasionally be slower during non-critical issues. Pricing might also be a concern for smaller organizations, as the service can become costly depending on the number of devices or endpoints. **What problems is Sophos MDR solving and how is that benefiting you?** This sofware helps us address the challenge of detecting and responding to threats in real time. Before using it, we had limited visibility into suspicious activity across endpoints and network devices. Now, with 24/7 monitoring by their expert team, we can quickly identify, investigate, and contain threats before they escalate. This has greatly reduced our risk of data breaches and downtime, giving our internal team more time to focus on strategic tasks instead of constantly monitoring for potential threats. ### 22. Reliable Sophos Managed Detection with 24/7 Support. **Rating:** 5.0/5.0 stars **Reviewed by:** Devraj G. | Technical, Information Technology and Services, Small-Business (50 or fewer emp.) **Reviewed Date:** September 03, 2025 **What do you like best about Sophos MDR?** Sophos MDR is easy to use and was simple to implement, with great support from the onboarding team. We rely on it daily, and the wide range of features along with smooth integration into our existing Sophos setup makes it a dependable 24/7 security solution. **What do you dislike about Sophos MDR?** There isn’t much to dislike, but sometimes the detailed reports can feel overwhelming with too much technical information. However, this also shows how thorough the monitoring is. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR solves the challenge of continuous threat monitoring and response, which we couldn’t manage in-house. It improves detection speed, reduces risks, and allows our IT team to focus on other priorities while knowing experts are always watching. ### 23. Sophos Offers Streamlined macOS Setup, Sophos Email is great if using Microsoft 365 **Rating:** 5.0/5.0 stars **Reviewed by:** Manuel T. | Systems Administrator I, Mid-Market (51-1000 emp.) **Reviewed Date:** July 02, 2025 **What do you like best about Sophos MDR?** Features for the price. The documentation is in-depth while being easy to understand and follow. MDR is a great value, specially since XDR is "included" with it, depending on which option you end up going with. **What do you dislike about Sophos MDR?** Could do better to support Google Workspace features like email clawback for Sophos Email (works great with Microsoft 365 though). Also, Linux is currently very limited in the features it has available to use. **What problems is Sophos MDR solving and how is that benefiting you?** Having a small IT team means we can not have a 24/7 SOC team internally. With Sophos MDR, we can give the Sophos SOC team the ability to remediate if/when they find any potential issues, even if it's at the high hours of the night, or we can configure it so they inform us before taking any action, or to take no action at all and let us do the work. ### 24. Evaluating Sophos MDR: Strengths, Gaps, and Real-World Performance **Rating:** 3.5/5.0 stars **Reviewed by:** Hunaiz M. | Sr. Network and Security Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** August 28, 2025 **What do you like best about Sophos MDR?** What I like best about Sophos MDR is the 24/7 monitoring combined with proactive threat hunting by their expert team. Unlike traditional endpoint solutions that only alert on suspicious activity, Sophos MDR provides real-time detection, investigation, and response — which greatly reduces the burden on in-house IT/security teams. I also appreciate the seamless integration with the Sophos ecosystem (firewalls, endpoint, email security), giving a single-pane-of-glass view and faster containment of threats. Their analysts not only respond to incidents but also provide detailed insights and recommendations, which helps strengthen the overall security posture. **What do you dislike about Sophos MDR?** Advanced customization and fine-tuning of detection rules can feel somewhat limited compared to more complex SIEM/SOC solutions. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR is solving the challenge of 24/7 monitoring, detection, and response that would otherwise require building an in-house SOC with significant investment in people and technology. It addresses problems like alert fatigue, missed advanced threats, and delayed response to incidents. ### 25. 24/7 Monitoring and Proactive Threat Detection **Rating:** 5.0/5.0 stars **Reviewed by:** Jennifer R. **Reviewed Date:** August 22, 2025 **What do you like best about Sophos MDR?** I love how Sophos MDR provides 24/7 threat detection and response which our internal team couldn't fully cover. It fills gaps in identifying sophisticated threats, reduces drill time, and provides expert analysis. I appreciate the proactive threat hunting and clear incident reports, which help detect threats early. The seamless integration with existing security tools and prioritized alerts simplify and enhance our response efficiency. Additionally, the combination of automated detection with human analysis offers significant risk reduction and response time, making it a vital extension of our security team and ensuring peace of mind. **What do you dislike about Sophos MDR?** I would like to improve the customization of alert thresholds and notifications because the default settings sometimes generate noise that can be distracting. Having more granular control would help tailor these settings better to our environment and priorities. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR ensures 24/7 threat detection and response, filling gaps in sophisticated threat identification, reducing drill time, and providing expert analysis. It accelerates and enhances threat containment, minimizes potential damage, and allows our IT team to focus on strategic tasks, improving overall security posture and providing peace of mind. ### 26. Once setup we are extremely satisfied with our experience **Rating:** 5.0/5.0 stars **Reviewed by:** Brian D. | Free, Small-Business (50 or fewer emp.) **Reviewed Date:** August 06, 2025 **What do you like best about Sophos MDR?** It removes the onus from our small team, namely myself, of detecting and evaluating and if needed responding to any malicious content. **What do you dislike about Sophos MDR?** Only real thing is the plethora of settings needed to get the system configured initially. This then makes it harder later on to remember why a setting was made if something strange occurs. This is usually due to an OS update or changes in the operations of a third party product or service. **What problems is Sophos MDR solving and how is that benefiting you?** Primarily it solved our need to have 24x7x365 monitoring and response to any malicious content that makes it onto a users device. Without the use of their MDR services I would require 8 additional Security personnel operating round the clock to keep us protected. ### 27. Sophos, a practical and economical tool **Rating:** 4.0/5.0 stars **Reviewed by:** Javier G. | Cybersecurity analyst, Small-Business (50 or fewer emp.) **Reviewed Date:** August 15, 2025 **What do you like best about Sophos MDR?** Sophos is very convenient and easy to run and manage. It is simple to use and client installation is very quick. It also has many built-in features and add-ons at a very affordable price. **What do you dislike about Sophos MDR?** One of its main disadvantages is that despite having many ways to customize its operation, it still lacks in terms of complete customization. There are certain options that cannot be altered or can only be added by the manufacturer itself. In addition, it lacks some ways to more efficiently manage registered devices. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos helps me protect my critical equipment from imminent threats that could affect it. It has helped me control issues of non-compliance and unsafe behavior among my users. ### 28. Effortless 24/7 Cybersecurity Monitoring for Our Clients **Rating:** 5.0/5.0 stars **Reviewed by:** Bear R. | VP of Technology, Small-Business (50 or fewer emp.) **Reviewed Date:** November 25, 2025 **What do you like best about Sophos MDR?** It helps us keep eyes on our clients' cybersecurity 24/7 without actually having to use internal staff to do so. **What do you dislike about Sophos MDR?** No real downsides that I've noticed. There's a little extra setup involved but nothing major. **What problems is Sophos MDR solving and how is that benefiting you?** It essentially monitors our clients for us, using actual humans and not just predefined alert systems, which gives us more peace of mind for our clients' cybersecurity. ### 29. Sophos MDR Complete brings peace of mind to cyber security. **Rating:** 5.0/5.0 stars **Reviewed by:** Stephen S. | IT Manager, Mid-Market (51-1000 emp.) **Reviewed Date:** June 26, 2025 **What do you like best about Sophos MDR?** Since implementing Sophos MDR, we have experienced a significant improvement in our security posture. Sophos MDR actively monitors our network and login activity, and they have alerted us to suspicious behavior on our Entra account within just one to two hours of compromise. Moreover, they provide clear, step-by-step remediation guidance, which has been invaluable. For our on-premises infrastructure, we’ve configured the system to allow Sophos to autonomously address any issues they detect. **What do you dislike about Sophos MDR?** The endpoint agent can take a lot of system resources, especially when doing a scan **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR monitors my local network, servers, and workstations. It also monitors my Entra logins and Exchange Rules. They can remediate local network issues immediately without me having to get involved. For Entra, they give me step-by-step remediation steps that are easy to understand and follow. ### 30. Centralized Management Praised Despite Compatibility Issues With Outdated Linux Kernel **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Government Administration | Mid-Market (51-1000 emp.) **Reviewed Date:** August 06, 2025 **What do you like best about Sophos MDR?** Central management with a single pane of glass and the live human response to our MDR incidents. Not having to check emails or alerts and just knowing that someone will look after the issue is really helpful and less stressful than having to keep an eye on email/teams all the time. **What do you dislike about Sophos MDR?** I haven't run into many downsides yet. The service has caught everything that it has detected since installation. Other than the software is using an outdated version of linux OS, I'm happy. **What problems is Sophos MDR solving and how is that benefiting you?** Allows us to focus on the rest of our environment without having to worry about constantly checking emails/alerts regarding suspicious network activity. The human review factor give us peace of mind knowing that its not just AI doing the work but being double checked and confirmed by a human. The time from an alert to someone looking at it is very quick and again gives us peace of mind and time to work on more valuable tasks. I like the single pane of glass for the rest of our Sophos tools. ### 31. Sophos MDR – Strong Security Backbone for Our Organization **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Hospitality | Mid-Market (51-1000 emp.) **Reviewed Date:** July 05, 2025 **What do you like best about Sophos MDR?** What I like best about Sophos MDR is its 24/7 expert threat monitoring and rapid incident response, which gives us peace of mind knowing our systems are being actively protected by professionals. **What do you dislike about Sophos MDR?** While Sophos MDR provides excellent threat detection and response, the pricing can be a bit high for smaller organizations, and some advanced configurations may require support assistance, which slightly limits flexibility for in-house teams. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR helps us address the critical challenge of real-time threat detection and response, especially during off-hours when internal IT resources are limited. It ensures continuous monitoring, rapid threat containment, and expert analysis, which significantly reduces our response time and minimizes potential damage. This allows our team to focus on core IT functions with confidence that our security is in expert hands. ### 32. my opinion about MDR Sophos **Rating:** 5.0/5.0 stars **Reviewed by:** Rafael L. | Cybersecurity Analyst, Computer & Network Security, Small-Business (50 or fewer emp.) **Reviewed Date:** August 21, 2025 **What do you like best about Sophos MDR?** The proactive threat hunting and rapid incident response are truly what set Sophos MDR apart. Knowing that a team of experts is constantly monitoring our environment gives me unparalleled peace of mind **What do you dislike about Sophos MDR?** There is nothing to dislike about this solution. It has consistently met and exceeded our expectations, delivering exactly what was promised. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR solves the major problem of staying ahead of sophisticated cyber threats like ransomware and advanced phishing attacks. It fills the gap we had in our security posture, as our internal team did not have the resources or expertise to perform 24/7 threat hunting and incident response. ### 33. Sophos MDR **Rating:** 5.0/5.0 stars **Reviewed by:** Prashant S. | Manager SMB Sales, Computer & Network Security, Small-Business (50 or fewer emp.) **Reviewed Date:** July 31, 2025 **What do you like best about Sophos MDR?** MDR helps organizations “stop breaches faster, free up time, and sleep better at night” by offloading the burden of threat detection and response. Top features of Sophos MDR: 1. 24/7 Human-Led Threat Response 2. Proactive Threat Hunting 3.Rapid Incident Response - minimizes breach impact through fast, AI-powered response actions, backed by a global incident response team. 4. Integration with Microsoft Defender - can monitor and respond to Microsoft Security alerts more comprehensively than Microsoft itself, making it a strong co-pilot for hybrid security setups 5. Cyber Insurance Benefits - can lower cyber insurance premiums 6.Unified XDR Platform - enabling visibility across endpoints, servers, firewalls, identity solutions, and cloud tools. **What do you dislike about Sophos MDR?** Common Dislikes and Limitations of Sophos MDR: 1. High Pricing Compared to Competitors is more expensive. 2. Limited Third-Party Integration. 3. Communication and Language Support. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR Solves below problems: 1. Human-led, round-the-clock threat detection and response 2. Delayed Threat Detection - Sophos MDR helps detect and respond to threats before adversaries can cause damage, thanks to its unified XDR platform that monitors endpoints, servers, firewalls, identity systems, and cloud tools 3. Complex Multi-Stage Attacks - designed to handle multi-vector, multi-stage threats that traditional tools often miss. It uses deep learning and threat intelligence from Sophos Labs to proactively identify and neutralize attacks 4. Ransomware and Real-World Threats - provides real-world incident response insights to help customers strengthen their defences ### 34. Solid security operations, but containment needs work **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Translation and Localization | Enterprise (> 1000 emp.) **Reviewed Date:** July 30, 2025 **What do you like best about Sophos MDR?** What we like best about Sophos MDR is the 24/7 expert threat monitoring and rapid response. The MDR team acts as an extension of our internal security operations, providing actionable alerts and guided response support, which gives us confidence and peace of mind, especially outside business hours. Their expertise in investigating complex threats and reducing false positives has been a key advantage. **What do you dislike about Sophos MDR?** What we dislike about Sophos MDR is the limited containment in specific threat scenarios. In a recent case involving the Horabot trojan, MDR did not fully contain the threat — email propagation was not blocked in time, and containment actions required manual follow-up. This revealed a gap in automated response and containment capabilities for advanced or evasive threats. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR helps us address the challenge of 24/7 threat detection and response with limited internal resources. Their expert team monitors and investigates alerts around the clock, reducing our response time and allowing our internal team to focus on strategic initiatives rather than constant alert triage. The MDR service has significantly decreased false positives and provided clear guidance during incidents, improving our overall security posture and confidence in threat handling. ### 35. Sophos MDR: superior proactive security at the click of a button **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Manufacturing | Mid-Market (51-1000 emp.) **Reviewed Date:** July 29, 2025 **What do you like best about Sophos MDR?** Key strengths include the speed of deployment and the ability to fully delegate threat management to the Sophos team, eliminating response delays that could prove extremely damaging. Another major advantage is the advanced reporting and the robust query database available to assess asset status. **What do you dislike about Sophos MDR?** Despite being well-structured, the abundance of available data does take some getting used to. The inability to quickly and easily report false positives straight from the console is one possible drawback. Although the queries are clearly helpful, they appear to be more suited for seasoned users and are less useful for regular, daily tasks. That said, since this is a managed service, their use remains entirely optional. **What problems is Sophos MDR solving and how is that benefiting you?** The IT department no longer has to worry about having highly skilled personnel on hand to react quickly around-the-clock thanks to Sophos MDR. Our adoption of the service was primarily motivated by the proactive threat response, the brand's strength, the Sophos technicians' expertise, and the insurance coverage in the event of a breach. There is a noticeable sense of increased security, and the advantages are real. ### 36. Sophos MDR service **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Financial Services | Mid-Market (51-1000 emp.) **Reviewed Date:** July 28, 2025 **What do you like best about Sophos MDR?** While we were a little reluctant to put our trust in an outside source for security, the Sophos MDR service has proven to be everything we had hoped for. Our company is no different in that we were being asked to do more with less staff. Having the Sophos MDR service allows us to sleep at night knowing that our IT environment is being watched 24/7 and that we don't need to wake up for every alert that hits our cell phones. **What do you dislike about Sophos MDR?** As with any enterprise wide deployment, we had our share of bumps in the road. Our biggest issue was with the implementation of the client on our VDI environment. I wouldn't say this was a reason to look elsewhere ... just happened to be there was a bug with the Sophos integration on the specific version of VDI software we are using. **What problems is Sophos MDR solving and how is that benefiting you?** The biggest benefit for our IT staff that Sophos MDR offers is having another set of eyes watching the alerts around the clock. We don't have a huge IT staff with a specialized department handling security ... we instead where several (all) the hats. We found that security is not something we can watch on a part time basis, so knowing that Sophos MDR is constantly monitoring everything security related around the clock gives us time back in our day to focus on other areas. ### 37. A product that out preforms others and just works! **Rating:** 5.0/5.0 stars **Reviewed by:** Trenton P. | IT Network Supervisor, Mid-Market (51-1000 emp.) **Reviewed Date:** June 24, 2025 **What do you like best about Sophos MDR?** Knowing When we have have an issue and that its taken care of ASAP! Getting and email of the full incident and how it was handled Is a great service. Have easy of mind that that if something major does come up its is handled. We had a ransomware incident that was caught and stopped before we knew anything happed all within minutes. **What do you dislike about Sophos MDR?** I have not found a something I dislike about the product. The treat view from how something tried to access the system and where it came from can be hard to read at times but very detailed. Maybe if they had an easier view for the incident path it took. **What problems is Sophos MDR solving and how is that benefiting you?** AV/MDR/ email protection, phishing tests, Cyber Insurance, and Compliances that need to be met. ### 38. Exceptional Emerging Trending Product **Rating:** 5.0/5.0 stars **Reviewed by:** Vishwanath S. | Head IT, Mid-Market (51-1000 emp.) **Reviewed Date:** August 05, 2025 **What do you like best about Sophos MDR?** Sophos Managed Detection and Response (MDR) is most helpful for its 24/7 threat monitoring and response capabilities, expert-led threat hunting, and full-scale incident response, which significantly improves an organization's security posture and frees up internal IT resources. The upsides include improved cyber defense, freed-up IT capacity, and a reduction in the risk of costly cyberattacks **What do you dislike about Sophos MDR?** Sophos MDR can be expensive, particularly for smaller organizations. Communication issues, including slow response times and lack of local language support, are also mentioned as concerns. Furthermore, false positives can lead to wasted time and resources, and integration with existing security stacks might not always be seamless. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR provides round-the-clock threat monitoring, ensuring constant vigilance against cyberattacks, even outside of standard business hours.Sophos MDR provides a managed service that handles the complexity of modern threats, including ransomware and other sophisticated attacks, through expert analysis and targeted actions. ### 39. Sophos MDR provided prompt threat detection giving me confidence in my device’s security. **Rating:** 5.0/5.0 stars **Reviewed by:** Bob S. | Network Administrator, Mid-Market (51-1000 emp.) **Reviewed Date:** July 08, 2025 **What do you like best about Sophos MDR?** The most helpful aspect of Sophos MDR is its proactive threat detection paired with expert, real-time support, which offers peace of mind by swiftly addressing security issues before they escalate. **What do you dislike about Sophos MDR?** While Sophos MDR excels in proactive support, the least helpful aspect can be the occasional delay in communication during complex investigations, which may slow down the resolution process for intricate security incidents. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR addresses the challenge of detecting and responding to advanced cyber threats by providing around-the-clock monitoring, rapid threat investigation, and expert guidance. This proactive approach helps prevent breaches before they escalate, giving me greater peace of mind and allowing me to focus on my work, knowing my systems are continuously protected and supported by security professionals ### 40. The best MDR in the market! **Rating:** 5.0/5.0 stars **Reviewed by:** Kevin P. | Technical Support Specialist, Mid-Market (51-1000 emp.) **Reviewed Date:** June 23, 2025 **What do you like best about Sophos MDR?** I’m truly impressed with Sophos MDR. What I like the most is the speed with which it detects and reports any anomalies in our environment. It keeps us constantly informed about the overall status of our assets, giving us great peace of mind and control. Without a doubt, it’s one of the best managed detection and response solutions on the market. Its effectiveness and proactivity make a real difference. **What do you dislike about Sophos MDR?** Honestly, there’s nothing I would change about the tool — it works exactly as we need it to. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos keeps us secure in every possible way. Their MDR team is highly professional and always attentive to any potential threats within our environment. Their constant vigilance and dedication give us great confidence in the protection of our systems. ### 41. A reliable, powerful, and responsive MDR service, despite its high cost **Rating:** 5.0/5.0 stars **Reviewed by:** Michel B. | Administrateur Sytèmes et Réseaux, Mid-Market (51-1000 emp.) **Reviewed Date:** August 27, 2025 **What do you like best about Sophos MDR?** 1. Responsiveness and expertise of the Sophos MDR team 24/7. 2. Complete visibility on threats and endpoints. 3. Seamless integration with Sophos Central and other security solutions. **What do you dislike about Sophos MDR?** 1. Relatively high service cost despite the enormous gain in terms of security. 2. Weekly or monthly reports sent automatically would have been welcome. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR allows you to sleep soundly by protecting you 24/7. However, this does require having a Sophos ecosystem in place beforehand. But Sophos has a wide range of connectors that allow for the analysis of logs from different manufacturers/publishers. ### 42. MDR with 24/7 visibility and expert response to incidents **Rating:** 5.0/5.0 stars **Reviewed by:** Pedro Enmanuel D. | Analista de Gestión de Incidentes, Mid-Market (51-1000 emp.) **Reviewed Date:** August 04, 2025 **What do you like best about Sophos MDR?** What I like most about Sophos MDR is the 24/7 monitoring by expert analysts, the rapid response to incidents, and the seamless integration with Sophos Central, which allows for unified security management. **What do you dislike about Sophos MDR?** The reports could be more detailed and customizable. Sometimes the initial response takes a bit longer than expected in minor incidents. **What problems is Sophos MDR solving and how is that benefiting you?** Although incident management can be complex and time-consuming, Sophos MDR helps alleviate this burden by providing 24/7 monitoring and a rapid, expert response, which reduces risk and allows our team to focus on strategic tasks. ### 43. Easy to Administer and Manage **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Legal Services | Mid-Market (51-1000 emp.) **Reviewed Date:** August 12, 2025 **What do you like best about Sophos MDR?** The dashboard is clean and well-organized, making it simple to monitor threats and understand what's happening across our environment. Administration is straightforward and it is easy to use. **What do you dislike about Sophos MDR?** While Sophos MDR offers strong threat detection and response capabilities, one area that feels lacking is its integration with external alerting platforms like Microsoft Teams. For a modern IT environment where real-time collaboration is key, not being able to push alerts directly into Teams channels or other messaging tools creates a gap in visibility and responsiveness. It would be a big improvement if Sophos could offer more flexible, native integrations for alerting workflows **What problems is Sophos MDR solving and how is that benefiting you?** It covers the gap of round the clock coverage of Monitoring, Alerting and Response from not having a dedicated in house teams not only in terms of man power but also technical knowledge ### 44. Evaluation of comprehensive solutions and the deployment of the solutions **Rating:** 4.5/5.0 stars **Reviewed by:** roberto m. | Jefe del departamento de TI, Mid-Market (51-1000 emp.) **Reviewed Date:** August 08, 2025 **What do you like best about Sophos MDR?** What I like most about MDR is how easy it is to deploy the solution and the visibility it gives you of the teams and their status. That we can see the other Sophos solutions on the same panel. **What do you dislike about Sophos MDR?** The phone support is by default in English. **What problems is Sophos MDR solving and how is that benefiting you?** We had a password leak of a finance director, the MDR support helped us activate features we didn't know we had regarding integration with Microsoft accounts, now MDR also evaluates how our status is with our Microsoft accounts. ### 45. Sophos MDR - it's time to put all your eggs in one basket. **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Electrical/Electronic Manufacturing | Mid-Market (51-1000 emp.) **Reviewed Date:** June 07, 2023 **What do you like best about Sophos MDR?** Sophos MDR sold us on the concept of migrating EndPoint protection, firewall, VPN, and email security to the same vendor. With Sophos MDR engineer behind the scenes any time an alert is triggered, we know they have our back whether it is the middle of the day or middle of the night, and we know they can support all our security services because we are using their products. **What do you dislike about Sophos MDR?** We like Sophos MDR and their security products and would like to install in our Japanese offices, but currently they do not offer native Japanese speaking engineers for MDR, so that office uses an alternate solution. **What problems is Sophos MDR solving and how is that benefiting you?** MDR, along with Sophos Endpoint Protection, Sophos firewall/VPN, and Sophos email security - is monitoring all end-user computers and all servers in our environment and sending us immediate alerts any time a policy violation or potentially unwanted application or even an unexpected PowerShell script is run on any system. In some cases, one Sophos engineer will create a case based on a perceived threat, and another Sophos engineer will review the threat and close the case if it is deemed a non-issue, all before the IT personnel wake up in the morning. MDR is a 24-hour extension of our small two-person IT department. ### 46. Reliable and Proactive Threat Detection with Sophos MDR **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Manufacturing | Mid-Market (51-1000 emp.) **Reviewed Date:** August 13, 2025 **What do you like best about Sophos MDR?** 24/7 Monitoring: Continuous threat detection and response gives peace of mind. Expert-Led Investigations: Sophos analysts provide detailed insights and take action when needed. Clear Reporting: Easy-to-understand dashboards and regular updates. Fast Response Times: Quick containment and remediation of threats. Integration: Seamless with existing Sophos products and other security tools. **What do you dislike about Sophos MDR?** Customization Limits: Some predefined response workflows could use more flexibility. Alert Noise: Occasionally, alerts may be too frequent or not fully relevant. Learning Curve: Initial setup and understanding of MDR features can take time. **What problems is Sophos MDR solving and how is that benefiting you?** Sophos MDR has significantly improved our cybersecurity posture and operational efficiency. From a business standpoint, it helps us stay ahead of threats without needing to expand our internal security team. The 24/7 monitoring and expert-led response mean we can focus on strategic IT initiatives rather than constantly reacting to alerts. ### 47. Sophos MDR: A strong, integrated security service backed by expert response and 24/7peace of Mind. **Rating:** 4.0/5.0 stars **Reviewed by:** Sudipta B. | Presales and Alliance Manager- Data Center Practices(Compute), Enterprise (> 1000 emp.) **Reviewed Date:** July 03, 2025 **What do you like best about Sophos MDR?** It is a combination of powerful automation and real human expertise delivered through tightly integrated security ecosystems. Top features of Sophos MDR :-Fast Response time; Deep Intergration with Sophos Products; customizable response modes(we can choose between Notify, Authorize and Collaborate-we can decide how hands on Sophos to be). It delivers enterprise level monitoring and response at fraction of what a full in house team will cost. **What do you dislike about Sophos MDR?** It has limited visibility outside Sophos ecosystem.It works the best with Sophos tools and if we are using third party tool, visibility and correlation are limited. It has limited customization while reporting. While reports are clear but some users wish for more granular or customized dashboard. **What problems is Sophos MDR solving and how is that benefiting you?** It is solving critical problem of 24/7 threat detection and response, especially for organization that don't have a dedicated in- house security operations Center(SOC) or the resources to monitor and act on threats around the clock. Sophos MDR gives us skilled threat responder, faster containment and clarity during incidents- without having to build our own SOC. Its like having an expert security team on stand by 24/7. ### 48. TRANSPARENCY IN CYBERSECURITY **Rating:** 5.0/5.0 stars **Reviewed by:** Javier P. | Auxiliar Soporte Tecnico, Mid-Market (51-1000 emp.) **Reviewed Date:** August 12, 2025 **What do you like best about Sophos MDR?** The security it offers to my teams and the transparency of information at the time of a detection and the ease of use of the Sophos Central console. **What do you dislike about Sophos MDR?** That there are no engineers in Spanish limits communication a bit since not all my colleagues speak English. **What problems is Sophos MDR solving and how is that benefiting you?** The main problem is the time I used to spend analyzing detections; now I don't worry about that anymore since the MDR team takes care of it, and I can no longer focus on the users and problems of my company. ### 49. Proactive Threat Hunting and Seamless Integrations **Rating:** 4.0/5.0 stars **Reviewed by:** BENOIT C. | IT MANAGER, Mid-Market (51-1000 emp.) **Reviewed Date:** January 13, 2026 **What do you like best about Sophos MDR?** I appreciate their proactive human-led threat hunting and the ability to integrate with security tools from other vendors. **What do you dislike about Sophos MDR?** The high cost of premium tiers and the heavy system resource usage on older machines are significant drawbacks. **What problems is Sophos MDR solving and how is that benefiting you?** It addresses the global cybersecurity skills gap by providing 24/7 expert threat hunting and immediate incident remediation. ### 50. Excellent products that provide reasurance 24/7 **Rating:** 5.0/5.0 stars **Reviewed by:** Phil C. | IT Operations Manager, Mid-Market (51-1000 emp.) **Reviewed Date:** August 27, 2025 **What do you like best about Sophos MDR?** We can integrate logs from other services such as o365 into Sophos MDR to provide a 24/7 SOC capability that we would be unable to do ourseves. Sophos MDR is easy to implement and manage via Sophos central and gives an overview dashboard that quickly highlghts potential problem areas for further investigation **What do you dislike about Sophos MDR?** The logs can be a bit difficult to interrogate if you need to dig into them **What problems is Sophos MDR solving and how is that benefiting you?** Quickly highlight and alert on potential issues without me having to worry about checking logs constantly ## Sophos MDR Discussions - [In terms of security, does Sophos give a complete protection against virus and malware?](https://www.g2.com/discussions/26270-in-terms-of-security-does-sophos-give-a-complete-protection-against-virus-and-malware) - 1 comment, 1 upvote - [What is a threat response software?](https://www.g2.com/discussions/what-is-a-threat-response-software) - 1 comment - [View Sophos MDR pricing details and edition comparison](https://www.g2.com/products/sophos-mdr/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-22+08%3A12%3A31+-0500&secure%5Bsession_id%5D=b291f8b4-4ac3-4dea-b0bd-fd8b5a90bb9f&secure%5Btoken%5D=242b66742827c368d277030f22b890909807a23e6cc660daa704d5c31f2b1cbf&format=llm_user) ## Sophos MDR Integrations - [Acronis Cyber Protect Cloud](https://www.g2.com/products/acronis-cyber-protect-cloud/reviews) - [Adlumin](https://www.g2.com/products/adlumin/reviews) - [Arctic Wolf](https://www.g2.com/products/arctic-wolf/reviews) - [Azure Portal](https://www.g2.com/products/azure-portal/reviews) - [Cisco Duo](https://www.g2.com/products/cisco-duo/reviews) - [Cisco Meraki](https://www.g2.com/products/cisco-meraki/reviews) - [ConnectWise Automate](https://www.g2.com/products/connectwise-automate/reviews) - [CrowdSec](https://www.g2.com/products/crowdsec/reviews) - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) - [Darktrace/Detect](https://www.g2.com/products/darktrace-detect/reviews) - [Datto RMM](https://www.g2.com/products/datto-rmm/reviews) - [eSentire](https://www.g2.com/products/esentire/reviews) - [FortiClient](https://www.g2.com/products/forticlient/reviews) - [FortiGate-VM NGFW](https://www.g2.com/products/fortigate-vm-ngfw/reviews) - [FortiManager](https://www.g2.com/products/fortimanager/reviews) - [Google Cloud Storage](https://www.g2.com/products/google-cloud-storage/reviews) - [Google Security Operations](https://www.g2.com/products/google-security-operations/reviews) - [Google Workspace](https://www.g2.com/products/google-workspace/reviews) - [KnowBe4 PhishER/PhishER Plus](https://www.g2.com/products/knowbe4-phisher-phisher-plus/reviews) - [LogRhythm SIEM](https://www.g2.com/products/exabeam-logrhythm-siem/reviews) - [Lumu](https://www.g2.com/products/lumu/reviews) - [ManageEngine ADAudit Plus](https://www.g2.com/products/manageengine-adaudit-plus/reviews) - [Microsoft 365](https://www.g2.com/products/microsoft365/reviews) - [Microsoft Defender for Endpoint](https://www.g2.com/products/microsoft-defender-for-endpoint/reviews) - [Microsoft Defender for Identity](https://www.g2.com/products/microsoft-defender-for-identity/reviews) - [Microsoft Defender for Office 365](https://www.g2.com/products/microsoft-microsoft-defender-for-office-365/reviews) - [Microsoft Entra ID](https://www.g2.com/products/microsoft-entra-id/reviews) - [Microsoft Graph](https://www.g2.com/products/microsoft-graph/reviews) - [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews) - [Mimecast Advanced Email Security](https://www.g2.com/products/mimecast-advanced-email-security/reviews) - [Palo Alto Networks Next-Generation Firewalls](https://www.g2.com/products/palo-alto-networks-next-generation-firewalls/reviews) - [Rapid7 Next-Gen SIEM](https://www.g2.com/products/rapid7-next-gen-siem/reviews) - [SentinelOne Singularity Endpoint](https://www.g2.com/products/sentinelone-singularity-endpoint/reviews) - [SonicWall Next Generation Firewall](https://www.g2.com/products/sonicwall-next-generation-firewall/reviews) - [Sophos Central](https://www.g2.com/products/sophos-central-2022-06-17/reviews) - [Sophos Email](https://www.g2.com/products/sophos-email/reviews) - [Sophos Endpoint](https://www.g2.com/products/sophos-endpoint/reviews) - [Sophos Firewall](https://www.g2.com/products/sophos-firewall/reviews) - [Sophos Intercept X](https://www.g2.com/products/sophos-sophos-intercept-x/reviews) - [Splunk Enterprise](https://www.g2.com/products/splunk-enterprise/reviews) - [ThreatLocker Allowlisting](https://www.g2.com/products/threatlocker-allowlisting/reviews) - [TrendAI Vision One](https://www.g2.com/products/trendai-vision-one/reviews) - [Trend Vision One - Endpoint Security](https://www.g2.com/products/trend-vision-one-endpoint-security/reviews) - [Veeam Data Cloud for Azure](https://www.g2.com/products/veeam-data-cloud-for-azure/reviews) - [Veeam Data Cloud for Microsoft 365](https://www.g2.com/products/veeam-data-cloud-for-microsoft-365/reviews) - [Veeam Data Platform](https://www.g2.com/products/veeam-data-platform/reviews) - [VEEAM Recovery Orchester](https://www.g2.com/products/veeam-recovery-orchester/reviews) - [WatchGuard Network Security](https://www.g2.com/products/watchguard-network-security/reviews) ## Sophos MDR Features **Platform Features** - 24/7 support - Proactive report alerts - Application control - Proactive threat hunting - Rapid response time - Customizeable reports - Managed Services **Automation Capabilities** - Automated remediation - Automated investigation - AI Agents ## Top Sophos MDR Alternatives - [Huntress Managed EDR](https://www.g2.com/products/huntress-managed-edr/reviews) - 4.9/5.0 (880 reviews) - [Arctic Wolf](https://www.g2.com/products/arctic-wolf/reviews) - 4.7/5.0 (275 reviews) - [Blackpoint Cyber](https://www.g2.com/products/blackpoint-cyber/reviews) - 4.7/5.0 (257 reviews)