Endpoint performance recommendations?

Hi,

we are a new partner coming from an ESET ecosystem, looking to replace it with Sophos for our customers, since we are using XGS and it makes sense to integrate Endpoint as well.

While testing Intercept X in our environment first, my developers are not happy.

Even start of MS SQL SSMS, Visual Studio 2022 and older VS is very slow with all endpoint services active.

Performance is OK when realtime scan and deep learning is disabled (talking about twice the time of load with Sophos)

So my question is, what can I do with this?

I would imagine that running app gets some hash or in first scan and then it is not impacted that much during further scans (at least ESET had it like this and performance was OK).

And yes, I can just exclude SSMS and VS from the scans, but where is the security in that...

Thank You for all suggestions etc.