App Review Enterprise Version Comparative - Sophos vs Checkpoint vs Eset vs Bitdefender (Hard Settings + EDR)

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by Shadowra

Shadowra

Welcome to this comparison!
Today we're going to compare 4 enterprise versions of antivirus software: Sophos InterceptX, Checkpoint Harmony, ESET Protect + EDR and Bitdefender GravityZone with HyperDetect.

A few details:
- All the antivirus products have been configured to the maximum for this test, and the default test was carried out 1 month ago.
- I add the EDRs offered by the suppliers if they offer them (this is the case with Sophos, ESET and Bitdefender).
- I don't own the licences, I don't show the whole panel and I hide the owner.
- Many thanks to @kamiloxf for the licences ;)



Sophos offers a very simple agent and a fairly simple yet comprehensive panel.
The software is easy to set up, so I set it to maximum.

On the Web, Sophos leaves 1 malware which is ConnectWise.
Nothing to say about the fake crack.

Malware Pack: remains 58 out of 122.
Sophos's behavioural protection is very average...
It will try to defend itself as best it can (it managed to block a few attacks) but during the test, not everything went as I expected.
During execution, ConnectWise activated and gave me a magnificent block (often used by "Microsoft Tech Support" crooks) and I had to restart the machine by force.
When I continued, the situation got worse... Sophos left a BATCH script that installed a Ransomware without reacting.
I have to stop the test.

CheckPoint is evolving and offering a new interface that's more polished and elegant for my taste! It's still in BETA, but I'm activating it to check it out.
On the Web, CheckPoint lets through a malicious Google Chrome download, although the dropper is detected afterwards.
There's nothing to say about the fake crack detected either.

Malware Pack: Remains 26 out of 122

CheckPoint proves its performance by blocking all the traps I set for it.
The HTA file is blocked, so it cannot connect.
1 file remains in memory, detected by no antivirus.
Just 1 trace of infection is present at the end of the test.

ESET offers an enterprise version based on Smart Security Premium. I'm integrating its EDR for the test.
Surprisingly for ESET, everything is configured on the agent! Few settings are available on the panel... It's a debatable choice, but let's move on.

On the Web, ESET blocks all links by blocking them at source.
On the fake crack, nothing to say, ESET blocks executions.

Malware Pack: remains 34 out of 122.

ESET has held on to executions, and is starting to react well to scripts.
When GuLoader tries to install itself, ESET prevents it from connecting, a good point!
On the other hand, the same script that killed Sophos passes through without reacting and installs the Ransomware... ESET is unable to stop it, nor to remedy this with its EDR.
Quite disappointing. :(

Bitdefender has updated its GravityZone version and FINALLY has an excellent panel, which is very comprehensive, if not too comprehensive!
You can now configure everything: Engine aggressiveness, IDS aggressiveness, HyperDetect aggressiveness etc.
I also activated the Bitdefender Sandbox for the test.

On the Web, everything is blocked except Google Chrome, which installs itself.
On the fake crack: Bitdefender blocks all launches.

Malware Pack: remains 36 out of 122.

After an analysis that lasted over 1 hour, I can finally run the threats.
And I have to say I'm very surprised: Bitdefender makes a totally clean machine! No malware got through!
This is down to its proactive protection and HyperDetect, which correctly blocked the threats.
The detection of NPE is a false positive, it's the blocking of Microsoft telemetry.
I was very surprised!
 

Bot

Thank you for this comprehensive comparison of Sophos InterceptX, Checkpoint Harmony, ESET Protect + EDR, and Bitdefender GravityZone with HyperDetect. It's clear that each antivirus software has its strengths and weaknesses. Sophos seems to struggle with behavioral protection, while CheckPoint and ESET have proven their performance in blocking traps and reacting to scripts, respectively. Bitdefender's proactive protection and HyperDetect feature seem to be the most effective, blocking all threats in your test. It will be interesting to see how these software products continue to evolve and improve their security measures.
 

Artificial intelligence

First come, I'm watching ;)
 

Lavamate

I am surprised that ESET is not only bad with ransomware in the home version, but also in the business version.

However, I have to say that I recommended ESET to the whole family 9 years ago because it simply worked well and was trouble free. And even then, only one person had problems, and that was with some ransomware that had partially encrypted the hard drive. After that, of course, nobody wanted to use it any more :D Quite sad that they still haven't got to grips with it.

@Shadowra , would you agree with my thesis that, based on the current tests and the contributions of other users here in the forum, it can be said with a high degree of certainty that Bitdefender is currently developing the best antivirus solution in and from the EU?
 

Shadowra

@Shadowra , would you agree with my thesis that, based on the current tests and the contributions of other users here in the forum, it can be said with a high degree of certainty that Bitdefender is currently developing the best antivirus solution in and from the EU?
yep ;)
 

Shadowra

@Shadowra can you comment on the heaviness (lightness) of these 4? I have tried Bitdefender in the past but always backed away because it felt too heavy or unsmooth. Or is it the better the protection the clunkier they run??

Sophos is light except when it comes to
Checkpoint has fairly average consumption
Eset is very light
Bitdefender is a consumer, but no impact felt
 

TuxTalk

They do, but for me the most bothering thing is the stupid (in my opinion) dashboard they use, the weird update policy, and the bugs that never stop. I stopped using anything from them, even their VPN is not accurate. With all these kinds of issues, for me, Bitdefender is not trustworthy to use anymore. I am in an email/support battle with them for long and they intend to just close any open tickets without feedback to the customer.
They should really hire new more customer friendly people on customer support.
 

cartaphilus

NOOOO ESET let one file through! NOW I have to rebuild my whole architecture!!! Years and Years of planning and designing the perfect secure network and now this?!!!! /probably someone out there.


But honestly, I am glad that Bitdefender Gravity Hyperdetect did its thing. I am still kind of upset with Harmony, for the amount of resources it uses one would expect a perfect result but something always seems to get past it. Oh well.

I would understand a crack getting past the EDR since the AI patterns are trained more towards enterprise solutions and attack vectors, not many enterprise partners use cracked software :). But for a ransomware to get through, yeah, that's no bueno.

Great test! And thank you!
 

Trident

I am still kind of upset with Harmony, for the amount of resources it uses one would expect a perfect result but something always seems to get past it. Oh well
A bit exaggerated. On many @Shadowra tests, especially the ones that were performed with my configurations and rules, nothing could get past it.

The amount of resources it consumes is in line with most of the EDRs and the job it does, and can further be reduced if one wants it reduced.

Harmony on this test also has the highest pre-execution protection, 26 remaining vs 58, 36, 34. Harmony is in a different cluster of its own.

That for that.
 

cartaphilus

Don't get me wrong, I love it. But I do find it heavier on the RAM/Resource (it has MANY processes running) and it tends to be a bit more sensitive regarding false positives and a bit of a pain to exclude the item once falsely detected (but that's personal opinion).

For example Harmony stopped Denuvo Antipiracy decryptor software which is perfectly fine from the science/tech point of view, I understand why it blocked it* but it was the only EDR that blocked it. It also shows off Harmony's deep AI links and reasoning in terms of what it seems to think what even a signed software be doing when it's executed considering that some of the function might appear malicious.

*DENUVO is basically a very deep hooking rootkit that defends itself with amazing ferocity as it should.
 

Trident

Don't get me wrong, I love it. But I do find it heavier on the RAM/Resource (it has MANY processes running) and it tends to be a bit more sensitive regarding false positives and a bit of a pain to exclude the item once falsely detected (but that's personal opinion).

For example Harmony stopped Denuvo Antipiracy decryptor software which is perfectly fine from the science/tech point of view, I understand why it blocked it* but it was the only EDR that blocked it. It also shows off Harmony's deep AI links and reasoning in terms of what it seems to be malicious even though the software was signed.

*DENUVO is basically a very deep hooking rootkit that defends itself with amazing ferocity as it should.
They have now reduced the resource consumption in 88.70, make sure you’re running that. Yes, for Harmony digital signatures don’t matter. If it looks malicious, it is malicious. We’ve seen what trusting digital signatures leads to — it’s not pretty.

That’s one of the trade-offs when you deal with business-oriented companies like Check Point, Trend Micro and so on — they execute protection in a way that’s suitable for businesses and may not always tickle the home user’s fancy.
 

Trident

Btw I abstain from commenting on Harmony, because I remember the explosive drama that happened last time, because of which, I stopped posting anything here whatsoever. So won’t comment on this thread anymore or on any Harmony-related topics.
 
