RevBits Endpoint Security vs Sophos Intercept X-EDR RevBits EPS value statement: RevBits Endpoint Security can increase
RevBits Endpoint Security can increase your IT personnel’s
Messaging for Sophos:
Protect All Your Devices: Sophos Endpoint Protection works across a vast range of devices and
deployment schemas. Businesses can keep their assets safe — from cellphone to workstation and
beyond.
Flexible Deployment: Users can deploy on-premise or in the cloud, enabling flexible deployments
for all business sneeds.
Save Money: Malware and ransomware cost businesses thousands of dollars annually. Deploying
endpoint software can help mitigate threats and save users money. Accenture reports that a cyber-
attack can cost a company $2.4 billion on average, which Sophos mitigates by deploying preemptive
defense tactics.
Top-rated Malware Detection: The product has received numerous awards from Gartner, Av-
test.org, SE Labs and more. Users will receive a product that has won a Tech Innovator award from
CRN, based on the uniqueness of their suite of features, which preemptively target malware, and
offer superior device and policy management.
Sophos Intercept X-EDR(SO) Data Sheet Features and RevBits Endpoint Security (EPS)
match-up points:
SO: EDR combined with the strongest endpoint protection
RevBits EPS: Deploys a three-phased analysis of new executables, utilizes an advanced exploit
detection and prevention engine, and the most functional EDR module available in both GUI and
command line.
SO: Deep Learning Malware Analysis
RevBits EPS: Offers a lightweight and seamless sandbox for analyzing and classifying
executables that are running on the endpoint, which further protects the network from malicious
executables.
SO: On-demand curated threat intelligence from SophosLabs
RevBits EPS: Utilizes intelligence gathered by RevBits researchers and from other commercial
threat intelligence feeds.
SO: Machine learning detection and prioritization of suspicious events
RevBits EPS: Is the only EPS solution which conducts a three-phased review of new executables
to include: 1. Signature Comparison, 2. Machine Learning Verification, 3. Behavioral Analysis.
SO: Guided investigations make EDR approachable yet powerful
RevBits EPS: EDR allows system administrators full complete visualization of endpoints and any
infection to include origination and any spawned executions. With the vast visualization provided
by RevBits EPS-EDR administrators can conduct and extreme array of remediation and the
midigation of actions such as: conduct a complete forensic investigation from either GUI or
Command Line to conduct: Process management (list, kill, force kill, dump memory), Registry
Explorer (list, read, write, update), File Explorer (full filesystem), Memory dump, Disk/drive
dump, Services/Drivers management, Anti-rootkit functionality.
SO: Respond to incidents with a single click
RevBits EPS: EDR allows system administrators to conduct a complete forensic investigation on
a single workstation or multiple workstations, at one time.
work efficiency and reduce their cost to the organization, through its ability to reduce
malware infections of your network. By deploying the only available three-phased
detection and blocking system on the market as well as the most agile and capable EDR
module, RevBits Endpoint Security provides you with the security you are looking for.
Top Eight Reasons to Choose RevBits Endpoint Security (EPS) over Sophos Intercept X-EDR:
1. Malware Detection and Blocking: RevBits EPS is the only EPS solution which conducts a three-phased
review of new executables to include: 1. Signature Comparison, 2. Machine Learning Verification, 3.
Behavioral Analysis
2. Prevent and Block Kernel Drivers: RevBits Endpoint Security currently holds two US Patents. Both US
Patents are centered around RevBits technology to detect, analyze, and block kernel drivers - both signed
and unsigned drivers.
3. USB Policy Control: RevBits Endpoint Security provides system administrators with establishing extensive
USB device policy through its USB manager.
4. The Most Agile EDR Available: RevBits Endpoint Security’s EDR allows system administrators to conduct a
complete forensic investigation on both s single workstation or on multiple workstations at one time.
5. Isolation for Security: RevBits Endpoint Security isolates new executables for analyzing and classifying
that are running on the endpoint, which further protects the network from malicious executables.
6. Full command logging: RevBits Endpoint Security records all commands executed in Powershell and
command prompt at all workstations, including source code of scripts (batch or Powershell). Administrators
can audit all scripts executed in the entire network in a matter of minutes.
7. Workstation level firewall rules: RevBits Endpoint Security allows administrators to define and manage
host-level firewall rules. These rules can be automated to block network and/or internet access when a
machine reports a malicious activity.
8. Instant access to workstations and process history: RevBits EPS maintains entire process hierarchy,
hashes, username and workstation information of all executed processes in all workstations. With its custom
live access system, administrators can query a single workstation for IoC’s within a matter of seconds.
Why is RevBits Endpoint Security’s EDR module so Agile and Capable?
Here are the top reasons:
1 Process Management with extensive details - view, kill, and launch processes.
2. Complete Registry Explorer - all within the browser with capabilities of Windows Registry Explorer.
3. Complete File Explorer - all within the browser with capabilities of Windows Explorer.
4. Manage Windows drivers and services with complete access (view/edit/delete/start/stop).
5. Automatic forensic artifact extraction.
6. Remote memory dump or process memory dump.
7. Remote disk and drive dump.
8. Remote shell access from both Powershell and command prompt.
9. Inspect and analyze system startup entries.