Automox is an endpoint management platform built for the era of autonomous operations. It provides a cloud-native foundation that unifies automation, speed, visibility, and trust.
$1
per month per endpoint
ThreatDown, powered by Malwarebytes
Score 9.2 out of 10
N/A
ThreatDown (formerly Malwarebytes for Business), combines Malwarebytes' endpoint security capabilities in four bundles. The basic Core tier includes incident response, Next-gen AV, device control, vulnerability assessments, and the ability to block unwanted application.
$345
per year 5 endpoints (minimum)
Pricing
Automox
ThreatDown, powered by Malwarebytes
Editions & Modules
No answers on this topic
Core
$345
per year per endpoint (minimum 5)
Advanced
$395
per year per endpoint (minimum 5)
Elite
$495
per year per endpoint (minimum 5)
Ultimate
$595
per year per endpoint (minimum 5)
Offerings
Pricing Offerings
Automox
ThreatDown, powered by Malwarebytes
Free Trial
Yes
Yes
Free/Freemium Version
No
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
Automox can patch macOS, Windows, and Linux endpoints with PatchOS, an offering at $1 per endpoint/ month with an annual commitment.
The Automate Essentials or Automate Enterprise packages are for scaling IT automation, endpoint configuration, and software updates.
Modules are available with Automox Assist, a one-on-one remote endpoint control and assistance for helpdesk technicians.
Optional Add-Ons include server and mobile device protection. Server protection ranges from $129 to $179 per annum depending on service tier. Mobile security is $10 per device, no matter the service tier. A 10% discount is offered for choosing a two-year billing plan.
I was able to update browsera like edge and chrome which have updates every few days, automatically. No more emails to ask people to update edge or chrome. Display drivers and dell drivers are not visible for users, having Automox update them make it much easier for users as not all of the users are technical.
I think Malwarebytes is the best anti-malware company. I think it is well-suited for any situation and any device. I think Malwarebytes does the best on Windows and on MacOS. Also, Malwarebytes is always improving, and you can tell they are a company that stays on top of cybersecurity trends. If you have a tight budget or looking for the cheapest solution, then Malwarebytes may not be the solution for you. To clarify, I don't think Malwarebytes is that much more expensive compared to its closest competitors.
Protects against malware - No matter how much training you give end users on social hacking, there is always a breach at some point.
Protects against ransomware - Ransomware could spell disaster for a company...it could literally shut the doors for good.
Centralized administration - Without a terrific centralized method to manage all the systems being protected, it would require an extra position just to maintain all endpoints.
Server patching orchestration. There is no way to patch and reboot systems in order of importance, such as database servers before application servers.
Worklets for patching .net core and similar.
Worklets for removing unwanted Java installs or other unwanted software.
Integration with Tenable Vulnerability Management.
AI script development should be included at no additional cost; GPT or Gemini can be used instead for free and pasted into Automox. Why charge when others are free?
Official worklets are slow to be added or updated.
This is a software that just works. Once configured its a set and forget kind of tool that keeps things up to date and alerts me if something is wrong. I was able to work through an expansion project to deploy an additional 500 devices in almost no time and create a robust self-patching environment.
When I first used the tool in my home systems MANY years ago, I wished for a Business version. I was once at a focus group for a major antivirus company, and one attendee’s feedback to “what could we do better?” was “buy out MalwareBytes and add it to your tool”. I’ve used the Business version since it first became available, and have continued to be a dedicated user through the many iterations and improvements
It's great at what it does. We're able to veiw endpoints that are online in real time, and run scans on them to ensure they're still compliant. The software itself is very easy to use and set up on end points, with the main admin portal having a clean and very easy to understand set up
It simply works. It doesn't require the hand-holding and monitoring that some other solutions do. It's simple to deploy and maintain, and adding custom content such as Exceptions require minimal effort. I’ve had to add a few exceptions for internal-use, in-house-developed tools, but it’s quite simple to do so within the online interface
I did not need to reach out to support often but when I did the answers were relatively correct and they were answered quickly. The only thing I might "ding" their support on was their lack of understanding of OS's different from Windows and especially Linux. Other than that I was satisfied
As I mentioned, we have only email support. Their phone support was very expensive. If we ever have any issues, we have to email them and wait for their response. In most cases, I have figured out the issue on my own. The software is very stable so we haven't used their support much.
Implementing Automox successfully starts with a clear strategy for organizing and grouping devices based on operating systems, environments, or business criticality. This ensures that patching and configuration policies can be applied with precision. A phased rollout approach is essential—beginning with a pilot group allows teams to test patching schedules, reboot behaviors, and custom Worklets before scaling across the organization. Leveraging Worklets from the start can significantly boost automation by enforcing security baselines and performing routine system tasks. Integration with existing SOC tools, such as SIEMs, enhances visibility and response time by correlating patch compliance with threat intelligence. Additionally, aligning patching schedules with operational downtimes minimizes disruptions, and consistent monitoring and reporting helps maintain compliance and prepare for audits. Overall, Automox offers a streamlined and effective solution, but its true value is unlocked through thoughtful planning, testing, and integration with existing IT and security workflows.
I first implemented this more than 10 years ago, when it required an in-site setup with SQL Server (or SQL Express), and even that was pretty easy. With the move to centralized web management some treats ago, it’s become even easier to deploy
We felt that Automox provided us with the functionality our MSP offered, including OS and device patching, as well as remote control capabilities, but in a better and more manageable way. We also felt the usability of the tool gave us the ability to be effective in our way of working, as well as integrating with Rapid7 was a massive benefit for us.
It's no contest. Cisco AMP, Umbrella and Endpoint use vast amounts of resources and provide little protection when compared with Malwarebytes. One client recently replaced Cisco with MWB and found over 7,300 vulnerabilities on 352 endpoints, including 120 listed as Critical and 7,180 listed as High, with CVE's dating back to 2008.
Being a start up, we have pivoted our strategies a number of times. The pay as you go model has worked very well for us, and has prevented us from overprovisioning
The time saved pulling reports to provide to auditors has been well worth our small spend on the solution
We have no need to maintain a scanning tool or invest in hardware thanks to the SaaS nature of Automox
The ease of remediation has saved our IT team a number of hours manually installing, for example, the free version of Malwarebytes to remove infections, and then cleaning the machine up. Being able to centrally send commands to clean the device is much more efficient.
The centralised management has also alerted us to infections on machines that we might not otherwise have known about, as the existing AV had not detected them, saving us potential data loss, or system damage.
