We performed a comparison between Automox and Rapid7 Metasploit based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."Among the most valuable features are its ease of use and the Worklets. Both of them are time-savers. Worklets enable us to customize things for a given environment. It's something like when Apple lets other people create applications. Other peoples' Worklets can be used in our environment and in our customers' environments. That saves a lot of time, and it's really cool."
"The fact that it's just one product that can patch multiple operating systems is really great."
"Previously, we would run a report, scan it, and compare it. We were spending 15 to 30 minutes a month on each machine on this stuff because you would find stuff that wasn't up to date, then you had to fix it. This solution takes that time down to minutes. Automox saves us easily many hours a month."
"They've been adding some new features lately, which I'm not nearly as familiar with, but the ability to just deploy patches and exempt certain machines from certain patches is helpful. For instance, for our servers, we may not want to roll out zero-day patches. We are able to exempt those and make sure that they don't get those policies. We've got certain servers that have to run a particular version of Java, and being able to exempt those servers from receiving Java updates is pretty fantastic."
"Its flexibility is most valuable."
"Coming from prior solutions that were a lot more effort, Automox's patch management abilities are transformational. When I took over patching at my company, they were using on-premise architecture to patch. As the workforce shifted from being in the office into their home offices, I was able to lift and shift with no effort other than deploying the new agent out into the environment."
"The flexibility in creating tools to make changes on remote machines is most valuable to me. The reporting feature is also fantastic because on any given day I can bring up a list of machines that don't have patches, for example. Or I can bring up a list of machines that are in my environment on a certain day. The solution helps me with not only my own role, and what I look for internally myself, but it also helps during audits. I can go in and look at the number of machines in there, and their owners and timelines. It certainly helps tell a story for anything that IT requires."
"It's super easy to use and we haven't found anything easier."
"The Search Engineering feature is good."
"Stability-wise, I rate the solution a nine out of ten...Scalability-wise, I rate the solution a nine out of ten."
"The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers."
"I don't have any other tools like it, and I always use it when I'm doing a pen test. Metasploit is a great solution for penetration testing,"
"The tool's most useful feature for penetration testing is its automation capabilities. With the professional edition, you can upload the results from Nessus in the Rapid7 Metasploit solution portal."
"All of the features are great."
"I use Rapid7 Metasploit for payload generation and Post-Exploitation."
"The greatest advantage of Rapid7 Metasploit is that it is the only system that can directly exploit vulnerabilities on the Metasploit platform."
"We would like to see additional detailed reporting for Service providers like us. We had to build our own reports via their APIs to meet our needs."
"They need to improve the automation features."
"The stability has come a long way from what it was like when it started and now it's really good."
"It should have integrated workstation access. So, there should be a remote desktop feature."
"Asset management would be a great feature to add to Automox. We would run easier scripts or more out of the box scripts that would help us in audits. \"
"As concerns the patching concepts, there's a bit of a learning curve in terms of working out how Automox wants you to work within the console, not only splitting up everything into groups, but then having the various policies assigned."
"The biggest area they need to fix, without a doubt, is the ability to copy and sync profiles and worklets between all of the organizations you manage, and the ability to have top-level user access control across all of the companies that you manage."
"When we bring on a new client, we need to go into that client and manually set up my account, my chief engineer's account, three technicians' accounts, and a billing person's account all over again, which is annoying. We have probably up to 15 or 16 of our clients on Automox now. For every single one of those, we have had to go in and set this up. Then, if anything changes, we have to remember to go to Automox and change it 15 or 16 times. So, we just want inheritable permissions, and that is it. We have talked to them about this, and they are like, "Yeah, we hear a lot of complaints about it." I am thinking, "Guys, I have been complaining about this for a year and a half. When are you going to do it?" It must be some tricky thing or not an easy fix, because I can only assume if it were easy, then they would have done it by now."
"Metasploit cannot be installed on a machine with an antivirus."
"The solution should improve the responsiveness of its live technical support."
"If your company's patch is not up to date, but you have other detection or defense solutions such as endpoint detection and response and antivirus software, the product exploit may not work effectively. This is because its exploit database update process is slow and not real-time. For zero-day vulnerabilities or new security threats, relying on Rapid7 Metasploit alone may not be effective."
"Better automation capabilities would be an improvement."
"The solution is not very scalable, it does not provide any automation to be able to scale it."
"We'd like them to offer better coverage of malware."
"I would like to see more capabilities, more functions, and more features. More types of attack vectors."
"Rapid7 Metasploit can add a GUI feature because it is only available online."
Automox is ranked 35th in Vulnerability Management with 10 reviews while Rapid7 Metasploit is ranked 11th in Vulnerability Management with 18 reviews. Automox is rated 8.8, while Rapid7 Metasploit is rated 7.6. The top reviewer of Automox writes "Monitors our devices irrespective of the location and the environment, allows us to exempt certain machines from certain patches, and has perfect patch management abilities". On the other hand, the top reviewer of Rapid7 Metasploit writes "Helps find vulnerabilities in a system to determine whether the system needs to be upgraded". Automox is most compared with Microsoft Intune, Microsoft Configuration Manager, BigFix, Tanium and Qualys VMDR, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Pentera, Rapid7 InsightVM, Acunetix and Nucleus.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
