Expert Insights Verdict
Action1 is an excellent option for small-to-medium teams looking for a straightforward and affordable patch manager. It’s easy to use, easy to deploy, and has a great feature for automating patch deployments safely.
Pros
-
Quick setup; only takes around five minutes per device
-
Free for the first 200 endpoints
-
The "Update Ring" feature is a clever way to test patches safely
-
Good visibility into endpoints and vulnerabilities
-
Easy to deploy or remove software across devices, with group options
Cons
-
Limited Mac software repository—just 28 apps compared to 218 on Windows - though it’s important to note this is regularly updated
-
No remediation for vulnerabilities without an available update; it relies on third-party fixes
-
Custom software requires manual management, which adds some overhead
Action1 Overview
Action1 is a patch management tool designed to help you manage software across all your endpoints. Whether you’re installing, repairing, or removing software, Action1 aims to give you visibility and control over your devices. This includes real-time assessments of missing patches, and compliance reports.
How does it work?
Action1 is deployed via a lightweight agent to all endpoints within an organization. It is then managed via a centralized console that provides visibility over all endpoints with the agent deployed. For initial deployment, Action1 also supports onboarding on multiple devices, which helps to seamlessly roll out the service to all users.
The platform supports both Windows and Mac devices.
- Admins can deploy software patches from a pre-existing library, which is maintained by Action1 team, and you can add custom uploads as required by your organization.
- You can configure automations can be configured to automatically update software under certain conditions.
- Action1 analyzes all software installed on an endpoint and identifies whether the version of the software is outdated, and if any vulnerabilities are present.
Vulnerabilities are ranked in order of Critical to Low. Action1 can automatically patch these vulnerabilities by updating the software to the latest version.
In a nutshell, Action1 helps to minimize the hassle of patch management, making the whole process seamless and pain free. It’s very easy to monitor all your devices, as well as being quick to setup. The platform is modern and user friendly. It’s also very cost effective. The first 200 devices are free, and the enterprise costs are very competitive.
- Action1’s HQ is in Houston, Texas. They have a global customer base and are a hot company to watch, reaching 327% YoY Growth in 2024.
Setup And Deployment
Getting started with Action1 is very straightforward. You begin by installing an agent on your devices—Windows or Mac, it supports both. The setup took our team about five minutes on my Mac, which is great. Their documentation is very detailed, but most users likely won’t need to use it for deployment. The process is just as easy for Windows devices.
- Once the agent’s installed, it integrates seamlessly into your workflow. For a new employee device, for example, you’d install the agent, and from there, you can push all the necessary apps and updates. It’s quick and feels like it could easily fit into a standard onboarding process.
Key Features
Admin Console
From the Action1 dashboard, you can see an inventory of all endpoints and their installed software, and any vulnerabilities and missing updates. You can access a quick overview of vulnerabilities that need remediating, and you can view your compliance status. There is a lot of depth in the reporting available with this platform.
- The dashboard is where Action1 shines. It gives you a clear view of all your connected endpoints—how many devices you’ve got, the operating systems they’re running, who’s using them, and what software’s installed.
- It also highlights vulnerabilities in that software, pulling in details like related CVEs (Common Vulnerabilities and Exposures). For instance, if Google Chrome has a known issue, Action1 will flag it, show you the CVE, and tell you what’s affected.
There’s an automation tab where you can set up rules to deploy software, push updates, or even reboot devices. You can also remove software directly from user devices if required, helping out with broader endpoint management use cases. You could set up automations to automatically uninstall out-of-date applications with high-security vulnerabilities. Action1 also offers a remote access feature for Windows machines.
The interface is modern and easy to navigate. After just a few minutes using the platform, everything clicked. For admin teams using it daily, it’s a breeze to pick up.
Software Library And Vulnerabilities
Action1 maintains a software repository—including key apps like the Adobe suite, Microsoft Office suite, and Slack—that they keep updated with latest patches.
- On Windows, they support 218 apps, which is good coverage for most users. On Mac, it’s slimmer, just 28, which can be somewhat limiting. It’s important to note, the list of applications is steadily increasing alongside the regular release of new features. You can also add custom software to the platform.
- From the console, you can view a list of all endpoints and installed software. You can also manage endpoint security configurations remotely and deploy security software to servers and workstations.
Automated Patch Management
You can add automations and scrips to automatically remediate vulnerabilities and install patches when available. One of our favorite features is the “Update Ring.” This lets you roll out patches in stages—like an alpha test to five devices first, then a wider group if it’s successful. This helps to avoid friction caused by faulty software updates.
You can also manually install patches or choose to ignore patches that may not be needed.
For custom or unsupported software, you’d need to upload updates manually and mark vulnerabilities as resolved once you’ve fixed them in-house. That could require some management overhead. An Action1 Rest API is available to connect directly into your custom IT infrastructure and business processes, for which there is no extra charge.
It’s very easy to monitor and approve patches for different users and groups. You can also see a real-time list of all CVEs that have been released for software and applications being used by your team. This is all available in the admin console.
One thing to note: Action1 isn’t built for zero-day vulnerabilities or unknown threats. It’s not endpoint protection—it’s strictly patch management. If there’s no update available for a vulnerability, it won’t fix it for you. For example, if Chrome has an issue and Google hasn’t patched it yet, Action1 flags it and leaves it to the third party.
- That said, if an app’s critically outdated, you can uninstall it across all endpoints with a few clicks, which is extremely useful.
The platform is very fast, easy-to-use, and in our testing has been effective at pushing out patches.
Update Ring
As mentioned above, one of our favorite features of the Action1 platform is the ‘Update Ring.’
This enables you to roll out updates in stages. It starts with a small group of users, then rolls out to larger and larger groups. The benefit of this is that any issues with new patches or software updates can be found and limited, rather than going for a ‘waterfall’ type deployment, where everyone has the same problems at the same time.
When building an Update Ring, you can apply a variety of filters and it automatically evaluates key metrics, such as deployment counts, which are used to decide whether an update should roll out to the next group of users.
We found it very straightforward to configure and deploy Update Rings. It was also very easy to monitor the status of each Ring within the admin console.
Compliance And Security
On the compliance side, Action1 checks all the key boxes. It is certified by independent auditors for SOC 2 Type II and ISO/IEC 27001:2022 and follows best practices for PCI DSS, SOX, HIPAA, GDPR, and NIST.
All endpoints connected to the Action1 Cloud communicate via a secure, end-to-end encrypted channel using 2048 RSA private keys. Multi-factor authentication is enforced for all users by default.
The platform offers comprehensive reporting out of the box, and you can also build custom reports and schedule them as frequently as needed for compliance purposes.
Pricing
Action1’s pricing is very attractive for small teams. The first 200 endpoints are free, which is a big win for small teams or anyone testing it out. Beyond that, you’ll need to request a quote. Visit Action1’s pricing page here.
Final Verdict
Overall, Action1 is an excellent option for teams looking for an automated, easy-to-use, affordable patch management solution. There are some great features – like the “Update Ring” – and the free tier makes it accessible for small teams.
If you’ve got a lot of custom apps or need advanced zero-day protection, you might find it’s a bit more complex to setup. But for small-to-medium teams looking to manage patches and endpoints without stress or hassle, it’s a top option to consider. Check out their demo to learn more.
