Sophos Cloud Optix Reviews

My main use case for Sophos Cloud Optix is visibility into the cloud workloads. It helps us spot misconfiguration and quickly track compliance across Azure and on-premises or any public cloud. The automation alerts save us time, and it makes it easier to explain risk to non-technical stakeholders.

For example, in the last month we had an audit, and Sophos Cloud Optix flagged a misconfiguration in Azure where different resources were publicly client accessible. Normally, that would have taken us hours to catch manually, but the alert came right away. Fixing it before the auditors reviewed saved us a lot of stress and showed the team how valued the visibility really is.

Another way we use Sophos Cloud Optix is for compliance tracking across multiple accounts. For example, when we roll out new workloads in Azure, it immediately highlights IAM roles that did not meet our internal policies. Having that visibility upfront meant we could fix issues before they became audit findings, which saved the team a lot of rework.

The best features that Sophos Cloud Optix offers are its strong multi-cloud visibility and automated compliance tracking. For example, automated compliance continuously assesses against standards like different norms and helps me generate audits and ready reports instantly, saving weeks on manual efforts.

The automated compliance tracking in Sophos Cloud Optix has been a big help for us. During audits, it generates ready-to-use reports against standards like different norms, for example PCI, which saves hours of manual checks. Day to day, it continuously scans our cloud accounts and flags any drift from policy, so we do not wait until audit sessions to fix issues. The proactive visibility keeps our team confident and reduces last-minute surprises.

The AI capabilities in Sophos Cloud Optix have been solid for governance and security. It continuously analyzes cloud configurations against compliance frameworks, so we do not have to do manual checks for every account. The anomaly detection has flagged unusual IAM roles a couple of times, which helped us tighten access control. Overall, it gives us confidence that governance policies are enforced consistently across Azure or on-premises.

The output from Sophos Cloud Optix is reliable. The accuracy of compliance checks has been consistent, and we rarely see false positives. For example, when I flagged an issue with line item enroll activity, the alert was valid and actionable. The only area that could improve is fine-tuning sensitivity since sometimes minor deviations trigger alerts that are critical.

One area I think Sophos Cloud Optix could improve is the alert tuning. Sometimes we still get too many notifications that are not critical, which can feel overwhelming after a while.

One feature I have not mentioned yet is the integration with the DevOps workflows. Sophos Cloud Optix can scan infrastructure-as-code templates before deployment, which means our deployers catch misconfigurations early instead of publishing them into production. That has been a huge win for us because it reduces rework and keeps the security team aligned with engineering.

I would rate Sophos Cloud Optix an eight because it has been very effective for visibility and compliance, and it definitely reduces our audit time. The main reason I did not give it a nine or ten is that the alert tuning could be better and deeper integration with other tools will make it even stronger.

I have been using Sophos Cloud Optix for around two years.

Sophos Cloud Optix is stable.

The scalability of Sophos Cloud Optix is good.

The customer support for Sophos Cloud Optix is very good.

I have seen a return on investment, specifically in terms of the time saved.

Since adopting Sophos Cloud Optix, we have cut audit prep time by about 40 percent. It used to take a week of manual checks, but now it takes just a couple of days, thanks to automated reports. We have also seen a drop in misconfiguration incidents, roughly three fewer per quarter, because the alerts catch them early. The measurable improvements have freed up our teams to focus more on proactive security work instead of fire-fighting.

I have little experience with the pricing, setup cost, and licensing because I only deploy the solution but not the visualization, pricing, cost, and license.

One positive impact from Sophos Cloud Optix has been reducing audit stress. Before using Sophos Cloud Optix, our team spent days manually checking configurations across Azure and on-premises. Now, compliance reports generate in minutes, and we catch issues proactively. It has also improved collaboration between security and DevOps, with everyone working from the same dashboard, which has cut down on misconfigurations and sped up fixes.

My advice for anyone considering Sophos Cloud Optix is to start small and focus on the compliance tracking first. The feature alone can save a lot of time during audits. Also, take the time to fine-tune the alerts so they do not overwhelm your team. Once you get the balance right, the visibility across Azure and others is beneficial, and finally, involve both security and DevOps early because the shared dashboard makes collaboration much smoother.

I would share that Sophos Cloud Optix watches compliance made simple now, all this brainless stress. I rate this solution an eight overall.

I use Sophos Cloud Optix most of the time to harden our AWS infrastructure or Azure infrastructure, and sometimes I use it to meet different types of compliance requirements such as SOC 2 and ISO 27001.

I was working in a regulated company where the State Bank of the country is the regulator, so to provide them a compliance report, our infrastructure is optimized and there are no security gaps. I harden our cloud infrastructure and then provide the Sophos Cloud Optix report, which illustrates the current status of our security posture, helping me provide a detailed report.

I use Sophos Cloud Optix sometimes to find cost optimization gaps inside the cloud, such as unused resources, and the Sophos Cloud Optix dashboard explains very well about unused resources that must be deleted or taken care of, which helps us with cost optimization, including security groups that are created but not used.

I really appreciate most aspects of Sophos Cloud Optix, especially that we can set it up on AWS marketplace without needing to host a new machine. We can use their trial version where we can monitor a small number of resources without any additional cost.

Setting up Sophos Cloud Optix on AWS is not difficult at all, also because my team has experience with it, making it very easy and quick to set up a trial version that helps us see the initial posture of our security setup as we grow, and then they charge based on the cloud resources.

Sophos Cloud Optix impacts us positively in many ways, particularly in security, which is an important part. It is not just about fixing everything without a clear picture of what we have done to improve security, as there must be a portal explaining our progress, which I really appreciate, and it helps us save time and in optimization for performance and cost.

While I have not seen much for cost optimization as we have another great tool for it, Sophos Cloud Optix aids us to set up our infrastructure appropriately, making sure databases are in a private network, and if systems are wrongly set up, it helps us quickly mitigate those issues and provides a report indicating the problem.

I am really impressed with the way Sophos Cloud Optix provides its features, so I am not sure about any specific improvements needed.

I am really satisfied about the reports Sophos Cloud Optix generates, provided in a PDF format which is very useful for our recording purposes.

I believe there can be improvements in the logging mechanism, with more detailed information available about systems or network logs being beneficial.

I started using Sophos Cloud Optix for the first time three or four years back when I was working in a small fintech company.

I believe Sophos Cloud Optix is very scalable, as it automatically detects new resources in the cloud environment as it grows.

I have not connected with Sophos Cloud Optix customer support yet, but I had a bad experience when our AWS cloud got compromised, leading to many resources being provisioned, and while Sophos Cloud Optix identified those resources, the resulting bill from AWS was quite high due to the usage charges, which I tried to investigate with the Sophos team, though I am not sure if they assisted with the refund.

The initial setup process for Sophos Cloud Optix is really easy, just a few clicks, and you should be good to go.

I have not integrated Sophos Cloud Optix with other tools, but I believe there are many integration options available.

The learning curve for new users on my team with Sophos Cloud Optix is not much complicated, though new team members definitely need some training on how to add things together, collect reports, and gather information from the dashboard.

I definitely recommend using Sophos Cloud Optix, even for small customers, as it helps to view the security posture of your infrastructure. I would rate this product 9 out of 10.

Sophos Cloud Optix secures and monitors our cloud infrastructure across Azure and AWS. It has helped us identify misconfigurations, enforce compliance policies, and visualize network traffic in real time.

The best features Sophos Cloud Optix offers are its multi-cloud visibility, IAM-powered anomaly detections, and compliance automations.

The IAM capabilities and anomaly detection are two of the features that really help our team day-to-day. It maps out all identity and access management roles across clouds and provides continuous monitoring of traffic and user behavior.

The compliance and automation side of Sophos Cloud Optix is where it really streamlines our workflow. Continuous compliance monitoring means every new cloud resource is automatically checked against frameworks such as PCI. This is a very good feature.

A few areas where Sophos Cloud Optix could be improved, based on daily use, include deeper integrations. While it connects well with major platforms, more granular remediation automations are needed. Automated fixes are helpful, but sometimes we would prefer more control over how they are applied. For example, choosing between temporary versus permanent changes would be beneficial.

I have been using Sophos Cloud Optix for around two years.

Sophos Cloud Optix is stable.

Sophos Cloud Optix's scalability is effective.

The customer support for Sophos Cloud Optix is very fast.

I did not previously use a different solution before Sophos Cloud Optix.

Specific outcomes with Sophos Cloud Optix include misconfiguration prevention. Sophos Cloud Optix flagged several cloud storage instances with overly permissive access. Fixing this prevented potential data exposure and strengthened compliance with PCI.

Time saving has been one of the most impactful outcomes for us. Automated compliance checks reduced manual audit preparation by about two weeks per quarter. By automatically generating audit-ready reports, we have cut down manual audit preparation by about two weeks. External audits used to be a scramble. Now, reports are generated instantly, making the process smoother and less disruptive.

Prior to choosing Sophos Cloud Optix, I did not evaluate other options.

Sophos Cloud Optix is a great solution for different clouds. For me, Sophos Cloud Optix is a time save. I would recommend this solution to others looking into using Sophos Cloud Optix. I would rate this review a 3.

Sophos Cloud Optix is primarily used for cloud security posture management, and it is most often used to identify misconfigurations, ensure compliance, and monitor multi-cloud environments such as Azure or other clouds.

A recent example of how I use Sophos Cloud Optix to identify misconfigurations or ensure compliance is during a PCI compliance check where Sophos Cloud Optix identified missing encryption on certain databases, and fixing that ensured we passed the audit without delays.

The main use with Sophos Cloud Optix is continuous compliance, and it saves huge amounts of time by automating checks across Azure, for example. It also provides real-time visibility into assets and traffic flows, which helps prevent misconfigurations before they become risks.

The best features of Sophos Cloud Optix are its multi-cloud visibility, automatic compliance checks, and AI-powered anomaly detections, with the standout feature for most teams being continuous compliance automation, which saves weeks of manual audit work.

The automatic compliance checks in Sophos Cloud Optix work with continuous scanning of cloud assets against standards such as CIS Benchmark or PCI, instantly flagging misconfigurations such as open storage buckets or missing encryption.

One detail I really appreciate in Sophos Cloud Optix is the visual topology maps, which make it easy to see relationships between cloud assets and spot misconfigurations at a glance.

Sophos Cloud Optix has had a clear positive impact on my organization, improving compliance efficiency by cutting audit prep from weeks to minutes, thanks to automatic checks, and strengthening our cloud security posture with misconfigurations flagged before they become risks, resulting in reduced incidents and downtime.

My organization reports saving weeks on manual compliance work and reducing incident response times to minutes instead of hours.

I do not have any suggestions for improvements for Sophos Cloud Optix, and I do not have any additional improvements or features I wish were added.

I have been using Sophos Cloud Optix for around two years.

Sophos Cloud Optix is very stable with no problems regarding the availability of the tool.

Sophos Cloud Optix scales very well because it was built for multi-cloud environments, in my case Azure, and its automated compliance checks continuously apply standards across thousands of resources, meaning growth does not create an extra audit workload as the system adjusts dynamically.

Customer support for Sophos Cloud Optix has been very fast whenever I have had a case with them.

I have not previously used a different solution before Sophos Cloud Optix.

I did not evaluate other options before choosing Sophos Cloud Optix.

Sophos Cloud Optix delivers strong compliance automation, visibility, and AI-driven alerts that significantly save time and prevent incidents.

The AI capabilities of Sophos Cloud Optix are designed with governance and security in mind, enforcing responsible AI practices that ensure automated decisions are transparent and explainable, helping the organization trust the outputs while staying aligned with compliance frameworks.

The compliance automation feature in Sophos Cloud Optix has proven dependable, generating audit-ready reports that match regulatory standards without errors, building trust during audits and daily monitoring.

If you are considering using Sophos Cloud Optix, I recommend starting with compliance automation and leveraging multi-cloud visibility while integrating with DevSecOps.

I rate Sophos Cloud Optix an eight out of ten.

One primary use case for Sophos Cloud Optix is cloud visibility. I use it for compliance requirements and improving end user experience. The solution provides a unified dashboard for multi-cloud environments, allowing analysts to easily monitor assets.

I find Cloud Optix to be a valuable solution since it provides a single, unified dashboard to monitor cloud assets, such as AWS and Azure. It includes features like vulnerability management, allowing for visibility into cloud infrastructure at a granular level, highlighting potential loopholes, and suggesting corrective actions. This makes it valuable within a managed service provider's ecosystem or SOC ecosystem.

Sophos should enhance its AI-driven detection features and anomaly detection. The solution focuses on cloud security posture management. Fortinet, having acquired Lacework, seems to be a step ahead in this regard, emphasizing the need for Sophos to compete with standalone market leaders. Furthermore, integrating automation features like SOAR could significantly improve its functionality.

I rate the stability of Cloud Optix as eight out of ten.

I rate the scalability of Cloud Optix as nine out of ten.

I find Sophos support to be great, especially from a firewall perspective. However, I faced some issues while integrating the product with Azure or M365 into Cloud Optix. I suggest Sophos enhance their integration support to allow seamless integration without manual intervention.

Positive

I migrated from Symantec to several other products, as I work on multiple solutions like Sophos, CrowdStrike, Cortex XDR, Cygnal, and Microsoft Defender for endpoint security. Being an MSSP provider requires me to manage various security solutions.

I found the initial setup of Cloud Optix to be straightforward.

I find the price of Sophos solutions to be competitive. It is neither the cheapest nor the most expensive option available. There are other solutions in the market that are less expensive.

Cloud Optix hasn't been marketed aggressively in India compared to other Sophos products. It mainly faces competition from cloud-native solutions within AWS and Azure, as well as Lacework, which is gaining traction in the market.

I rate Sophos Cloud Optix seven out of ten overall. 

I recommend it for any size of company, considering their current ecosystem and workload. It's particularly suited for those in a Sophos ecosystem, or working with AWS and M365. An improvement in anomaly detection and integration with SOAR-type automation would make it even more competitive.

Sophos Cloud Optix is the endpoint scanner for the workstations at my company, and they control the firewall and the servers. So it provides endpoint protection with Sophos Firewall Manager.

It prevents malware and antivirus, so if you have a file on your system that you suspect to be malicious, it quarantines it and locks it away.

The most valuable feature for me would be the solution's endpoint protection.

I guess that customer training is an area that needs improvement. What I've noticed is that we are not best trained for the software we might purchase, where you might discover later, "you could do that" after buying tools or software to do the same thing you could do with just one tool or software.

The major issue that I would notice and know is that we are not always as best possibly trained for the software that we may purchase. So, after a while and after some digging, you may find out that software or tools could actually do something else. Then, you may end up buying two pieces of software to do the same thing that one could do. It's not a problem with Sophos but an issue across other pieces of software, including Veeam, which I would say is a rudimentary backup that you just use as a backup for virtual machines. You have alternative backups where you would only be backing up versions of what may have been updated, accounting for faster and more precise backups.

In the future, I would like to see email integration to deal with phishing and spam.

We have been using Sophos Cloud Optix for more than two years in our company. Also, I am not sure about the version of the solution I am using.

I would rate the solution's stability an eight out of ten.

I rate the solution's scalability a six out of ten.

I have never dealt with technical support.

The setup was a little bit complex. I would say that its complexity was at an intermediate level because its users had to set up their rules in Sophos, while in comparison, Coros would just require you to click a few buttons to build your filters and catchphrases, and after that, you can go forward.

I have experienced a return on investment using the solution in our company. We had a fair return on our investment.

Regarding the pricing for Sophos Cloud Optix, I would say that it was a very good price.

When I was looking around, I saw that Coro dealt with phishing and spam emails, and it really impressed me because that took a lot off of my plate.

For me to do it, I would have put rules that rerouted the emails to me, and then I would have to sit at my desk and release or check the emails coming through, whereas Coro moves it to a SysTrack folder, and you or any of the users can handle it as they go along.

I would suggest those planning to buy the solution get some good training on the solution since doing so can help you possibly do more than what you are currently doing.

I rate the overall solution a seven and a half out of ten.

I am using Sophos Cloud Optix for end devices for security, such as antivirus.

The most valuable feature of Sophos Cloud Optix is the simple way to manage my devices on the network. Additionally, it is easy to navigate and has a user-friendly interface.

There are times when the devices are at maximum capacity, and it takes a while before the device is updated. For example, if the device has a virus, and it's not aligned to connect to the network, even after you've scanned the device, and cleaned out the virus, once the management clears the system to allow it back on the network it takes some time. It can be frustrating when you have your line manager or in management affected trying to access the network.

I have been using Sophos Cloud Optix for approximately three years.

I rate the stability of Sophos Cloud Optix a seven out of ten.

We have approximately 150 devices using the solution. We do not have plans to increase usage.

I rate the scalability of Sophos Cloud Optix an eight out of ten.

I have used the support and my experience has been good.

I rate the support from Sophos Cloud Optix a seven out of ten.

Neutral

The initial setup of Sophos Cloud Optix is easy.

I rate the initial setup of Sophos Cloud Optix an eight out of ten.

We have received an ROI using Sophos Cloud Optix. We have saved time and increased the productivity, and efficiency of our systems.

I rate the ROI of Sophos Cloud Optix a seven out of ten.

I rate Sophos Cloud Optix an eight out of ten.

I typically use Cloud Optix for some of the vendors that I support. Some of our vendors have a cloud setup, and we need to manage their securities with Cloud Optix for regulatory reasons.

DLP is a valuable feature that we use a lot for info audits.

The dashboard and the process for applying policies could be more intuitive. Cloud Optix isn't that difficult once you get the hang of it, but the IT folks managing this want it to be more user-friendly.

Deploying the agents could be more seamless, too. Ideally, Cloud Optix would automate adding agents into your environment by integrating with Active Directory or some policy. 

I've been using Cloud Optix for about two years now.

Cloud Optix is way more stable than most solutions I've used. I've been using Sophos products off and on for nearly 10 years.

I was impressed with the scalability. Other competitors couldn't give me the same scalability that Sophos provides.

I rate Sophos support 10 out of 10. I've contacted them three times. I always get someone who takes care of my issues.

I compare Sophos with Symantec. Compared to Sophos, Symantec is like not having any protection at all, so once we deployed Sophos in multiple locations, we instantly had a sense of security. Sophos signs certain items that Symantec completely ignores.

The setup is primarily just deploying the agents and creating policies. We have a four-person team right now, but that's only our main location, and there are two people managing the solution. We're not using the cloud for regulatory reasons because that main location is a financial farm. The agents will fail if they aren't installed properly. You need to install them precisely the way Sophos recommends. 

I rate Sophos Cloud Optix nine out of 10.