Rapid7 announced the release of Active Patching, a fully automated patching and remediation solution integrated into Rapid7’s Exposure Command solution.
Powered by Automox, Active Patching empowers security and IT teams to proactively mitigate risk across vulnerable assets. The pace at which attackers exploit zero-day vulnerabilities and misconfigurations continues to accelerate. At the same time, traditional patching methods often leave critical gaps due to delays, complexity, and limited coverage. Active Patching within Exposure Command addresses this challenge by automating risk remediation and providing continuous, real-time visibility into which systems require patches and which have no available fixes. Powered by Automox’s Autonomous Endpoint Management platform, this new solution provides security and IT teams with another powerful way to prioritize effectively and accelerate response times with Exposure Command. The result is a proactive and compliant security posture that addresses vulnerabilities head-on.
“The visibility and context Exposure Command delivers is unmatched—it’s not just about seeing where you're vulnerable, it's about knowing exactly what to do next,” said Craig Adams, Chief Product Officer at Rapid7. “We’ve built a platform that doesn’t just highlight risk—it contextualizes it. Active Patching is another way that Rapid7’s Command Platform turns insights into action, enabling teams to automatically remediate vulnerabilities or apply compensating controls in real time, even when a patch doesn’t exist. That’s the difference between reactively managing vulnerabilities and proactively eliminating exposures.”
Active Patching augments Exposure Command’s complete attack surface visibility, native and third-party vulnerability management, and enriched threat intelligence, with automated patching and remediation capabilities from Automox, providing organizations the following:
- Impact-driven, scalable mitigation: Efficiently reduce risk and eliminate manual processes by automating remediation actions across multiple assets at once.
- Threat intelligence embedded into every finding: Remediate risks automatically and with confidence by knowing which vulnerabilities impact mission-critical assets by combining contextual insights, dynamic risk scores, and actionable threat intelligence from Rapid7 Labs.
- Actionable risk acceptance: Protect assets without known fixes via an expansive array of pre-built virtual patching templates that can help automatically configure endpoints and prevent attacks targeting unpatched systems.
- Automated remediation workflows: Leverage hundreds of out-of-box actions to automate risk remediation, drive compliance, and respond to vulnerabilities faster.
- Closed-loop vulnerability management: Continuously view the status of all deployed patches to establish trust that vulnerabilities have been properly mitigated.
- Unmatched patching and configuration coverage: Automate fixes across almost any device, including Linux, macOS, and Windows operating systems and their third-party software.
“Modern security demands more than just knowing where you’re exposed—it requires the ability to take action, fast. Our partnership with Rapid7 brings that capability to life,” said Jason Kikta, CISO and Senior Vice President, Product at Automox. “By embedding our patch and configuration automation technology into Exposure Command, we’re enabling customers to go from identification to remediation in a matter of minutes, dramatically reducing risk while eliminating manual overhead.”
The Latest
Most organizations approach OpenTelemetry as a collection of individual tools they need to assemble from scratch. This view misses the bigger picture. OpenTelemetry is a complete telemetry framework with composable components that address specific problems at different stages of organizational maturity. You start with what you need today and adopt additional pieces as your observability practices evolve ...
One of the earliest lessons I learned from architecting throughput-heavy services is that simplicity wins repeatedly: fewer moving parts, loosely coupled execution (fewer synchronous calls), and precise timing metering. You want data and decisions to travel the shortest possible path. The goal is to build a system where every strategy and each line of code (contention is the key metric) complements the decision trees ...
As discussions around AI "autonomous coworkers" accelerate, many industry projections assume that agents will soon operate alongside human staff in making decisions, taking actions, and managing tasks with minimal oversight. But a growing number of critics (including some of the developers building these systems) argue that the industry still has a long way to go to be able to treat AI agents like fully trusted teammates ...
Enterprise AI has entered a transformational phase where, according to Digitate's recently released survey, Agentic AI and the Future of Enterprise IT, companies are moving beyond traditional automation toward Agentic AI systems designed to reason, adapt, and collaborate alongside human teams ...
The numbers back this urgency up. A recent Zapier survey shows that 92% of enterprises now treat AI as a top priority. Leaders want it, and teams are clamoring for it. But if you look closer at the operations of these companies, you see a different picture. The rollout is slow. The results are often delayed. There's a disconnect between what leaders want and what their technical infrastructure can handle ...
Kyndryl's 2025 Readiness Report revealed that 61% of global business and technology leaders report increasing pressure from boards and regulators to prove AI's ROI. As the technology evolves and expectations continue to rise, leaders are compelled to generate and prove impact before scaling further. This will lead to a decisive turning point in 2026 ...
Cloudflare's disruption illustrates how quickly a single provider's issue cascades into widespread exposure. Many organizations don't fully realize how tightly their systems are coupled to third party services, or how quickly availability and security concerns align when those services falter ... You can't avoid these dependencies, but you can understand them ...
If you work with AI, you know this story. A model performs during testing, looks great in early reviews, works perfectly in production and then slowly loses relevance after operating for a while. Everything on the surface looks perfect — pipelines are running, predictions or recommendations are error-free, data quality checks show green; yet outcomes don't meet the ground reality. This pattern often repeats across enterprise AI programs. Take for example, a mid-sized retail banking and wealth-management firm with heavy investments in AI-powered risk analytics, fraud detection and personalized credit-decisioning systems. The model worked well for a while, but transactions increased, so did false positives by 18% ...
Basic uptime is no longer the gold standard. By 2026, network monitoring must do more than report status, it must explain performance in a hybrid-first world. Networks are no longer just static support systems; they are agile, distributed architectures that sit at the very heart of the customer experience and the business outcomes ... The following five trends represent the new standard for network health, providing a blueprint for teams to move from reactive troubleshooting to a proactive, integrated future ...
APMdigest's Predictions Series concludes with 2026 AI Predictions — industry experts offer predictions on how AI and related technologies will evolve and impact business in 2026. Part 5, the final installment, covers AI's impacts on IT teams ...