Automox is an endpoint management solution used to keep desktops, laptops, and servers updated and ready for users anywhere in the world. Using automation, IT can fix critical vulnerabilities and boost user productivity.
N/A
Rapid7 InsightVM
Score 8.9 out of 10
N/A
InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.
$19
per GB
Pricing
Automox
Rapid7 InsightVM
Editions & Modules
No answers on this topic
Log Management
$19
per GB
Vulnerability Management
$22
per asset
insightIDR
$52
per asset
Application Security
$2,000
per app
insignConnect
Contact sales team
Offerings
Pricing Offerings
Automox
Rapid7 InsightVM
Free Trial
Yes
No
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
Automox can patch macOS, Windows, and Linux endpoints with PatchOS, an offering at $1 per endpoint/ month with an annual commitment.
The Automate Essentials or Automate Enterprise packages are for scaling IT automation, endpoint configuration, and software updates.
Modules are available with Automox Assist, a one-on-one remote endpoint control and assistance for helpdesk technicians.
—
More Pricing Information
Community Pulse
Automox
Rapid7 InsightVM
Features
Automox
Rapid7 InsightVM
Threat Intelligence
Comparison of Threat Intelligence features of Product A and Product B
Automox
-
Ratings
Rapid7 InsightVM
7.4
Ratings
7% below category average
Network Analytics
00 Ratings
5.30 Ratings
Threat Recognition
00 Ratings
7.00 Ratings
Vulnerability Classification
00 Ratings
9.30 Ratings
Automated Alerts and Reporting
00 Ratings
9.30 Ratings
Threat Analysis
00 Ratings
7.40 Ratings
Threat Intelligence Reporting
00 Ratings
7.00 Ratings
Automated Threat Identification
00 Ratings
6.70 Ratings
Vulnerability Management Tools
Comparison of Vulnerability Management Tools features of Product A and Product B
Automox is well-suited for managing workstations but lacks flexibility for server environments. It excels in scenarios where systems may not regularly connect to the corporate network but have internet access, ensuring devices can still check in and receive timely patches. This provides organizations with confidence in maintaining patch compliance across remote endpoints. However, effective use of Automox requires staff who are proficient in PowerShell scripting. The platform has limited native support for third-party applications, often requiring custom worklets to manage software updates. It performs best in environments that primarily rely on widely used, off-the-shelf software.
I think Rapid7 InsightVM is well suited for large enterprise customers with a lot of assets. It integrates well with a number of different ITSM solutions which I think is very good. There are not many CIS benchmarking tools on the market and Rapid7 InsightVM does a very good job at benchmarking. I think where Rapid7 InsightVM falls down a little is on false positive vulnerabilities. Sometime you there a few positive results on vulnerabily discovery. Tuning the settings for scan engines can sometimes be trick as well.
The API is also a great tool for us to automate lots of routine procedures like scan and report of asset(s) BY EMAIL.
Tagging. It helps sort out results and reports for respective assets Owner for remediation without a lengthy report including unnecessary information for that particular team.
SQL Reporting. It provides advanced reporting and export capabilities that you can not find in the stock report template.
Devices found and scanned are never removed. Removal must be done manually with no option for automation.
The database can be fragile. Ours quietly corrupted and progressively degraded until we had to restore and lose 6 months of data. Still didn't fix it and had to be rebuilt again losing all data.
Workflow for delegating remediation is supposed to be helpful, but can also become cumbersome.
Scheduling can become a nightmare if not monitored closely. We found jobs had failed to run because the server had gone offline. When the server came online, it did not try to run missed jobs. Running missed jobs all at once can overload the server, but searching for and launching a large number of missed jobs manually is a pain.
This is a software that just works. Once configured its a set and forget kind of tool that keeps things up to date and alerts me if something is wrong. I was able to work through an expansion project to deploy an additional 500 devices in almost no time and create a robust self-patching environment.
It is super simple to set up and deploy, Maintaining it also easy as pie. It gives great detailed information daily on patches that succeed and ones that fail as well. with remote, patching, scanning, and monitoring all in one pane it has saved us money hand over fist with the tools we no longer need to have for our organization.
While I think it is a great tool and platform, I believe it (like all tools and solutions) is always evolving and the needs for clients are changing as the industry evolves and threats are upgraded. Cost is good, and support is helpful. Some things could be more granular and others could be easier to understand
1. Simplicity and Ease of Use 2. Cross-Platform Support 3. Powerful Automation with Worklets 4. Real-Time Visibility and Control 5. Fast and Reliable Cloud-Based Updates 6. Strong Security Focus
I gave it a seven due to the functionality and general ease of use after the initial setup headaches, but compared to Qualys, Rapid7 Nexpose falls short on features and ease of use. Their support drags this rating down a point as well. I have gone weeks with no update on semi-critical issues and typically have to make call after call to get a semi-coherent response.
Implementing Automox successfully starts with a clear strategy for organizing and grouping devices based on operating systems, environments, or business criticality. This ensures that patching and configuration policies can be applied with precision. A phased rollout approach is essential—beginning with a pilot group allows teams to test patching schedules, reboot behaviors, and custom Worklets before scaling across the organization. Leveraging Worklets from the start can significantly boost automation by enforcing security baselines and performing routine system tasks. Integration with existing SOC tools, such as SIEMs, enhances visibility and response time by correlating patch compliance with threat intelligence. Additionally, aligning patching schedules with operational downtimes minimizes disruptions, and consistent monitoring and reporting helps maintain compliance and prepare for audits. Overall, Automox offers a streamlined and effective solution, but its true value is unlocked through thoughtful planning, testing, and integration with existing IT and security workflows.
We felt that Automox provided us with the functionality our MSP offered, including OS and device patching, as well as remote control capabilities, but in a better and more manageable way. We also felt the usability of the tool gave us the ability to be effective in our way of working, as well as integrating with Rapid7 was a massive benefit for us.
I think Tenable is very comparable and they are both leaders in this space. I evaluated both of them side-by-side and ultimately decided to go with Rapid7. Tenable did have a slight edge on the amount of information I was getting from the machines, but I landed on R7 because I found the features of the InsightVM tool to be more useful. They both get the job done, but I found InsightVM a better experience to use on a day-to-day basis and had better quality of life features that I was looking for.
Being a start up, we have pivoted our strategies a number of times. The pay as you go model has worked very well for us, and has prevented us from overprovisioning
The time saved pulling reports to provide to auditors has been well worth our small spend on the solution
We have no need to maintain a scanning tool or invest in hardware thanks to the SaaS nature of Automox
It certainly has a more positive impact than negative impact while performing the scans. Nexpose can find report vulnerabilities that our other scanner fails to identify during the scan because of its defined scan templates.
Also, even if the scan is not being performed due to some issues like reachability, whitelisting, etc. it will try to give scan results unlike QualysGuard which just marks the asset as unreachable.