Action1 Endpoint Security and Patch Managment – Free Edition

Action1 is a cloud-based endpoint security and patch management system, accessible via a web-based console that allows you to manage your entire fleet of workstations. You can run live or schedule queries, configure real-time alerts, launch actions like deploy software or reboot computers, etc.

main screen 1

One of the main advantages of Action1 is the ability to pull data from all of your endpoints in real-time, without relying on any previously collected stale data. Whenever you run a query or run actions, you see the most current and up-to-date information. On top of that, thanks to the true cloud architecture from day one, it gives you almost unlimited scalability that effortlessly expands based on your workload and number of endpoints, without the need to manage any backend infrastructure. Managing 10 endpoints or 1 million endpoints is pretty much the same in the Action1 environment.

Read More

General overview

Action1’s management console allows you to get real-time security information from your entire network of endpoints using simple English language queries.


For example, you can type “installed software”, “peripheral devices” or “running processes” and almost immediately see live responses from all of your workstations, across the entire network. Query results can be exported into CSV or HTML formats for manual analysis or reporting purposes.


And here is a sample result of query execution:


Deploying software

Among many other endpoint management capabilities of Action1 is the ability to deploy software remotely. You can select a scope of computers, such as by OS version or process architecture (32 or 64-bit) as shown in the screenshot below:


Then you specify the location of an MSI file (from a network share or URL) with additional parameters and proceed to running action on selected computer as shown below:


Real-time alert

Action1 can trigger email alerts when something important happens, such as a new software package is installed or a network share is opened by a user. Alert rules are created based on queries. A few predefined alerts are automatically enabled for you upon creation of your Action1 account.

For example, you will get alerted on USB device usage, changes to installed software and network configuration. You can create more alert rules based on existing queries. To create a new alert rule, you can select a query and click “Create Alert”:


Other features

Many other types of queries and actions are available once you sign up for Action1. For example, there’s a set of actions that allow you to manage Windows services, view list of installed software, install Windows updates, manage startup programs, run generic PowerShell script, remotely restart computers, stop remote processes, manage network hardware, block USB devices, manage local user accounts, create scheduled tasks, add or remove registry entries and many other remote management actions and queries.


We’ve covered some cloud-based platform before, i.e. Sophos Home. Action1 is another great one that can be added to the same category. It can be used for free for unlimited number of endpoints with some limitations. Give it a try, whether you run a network sized in a single house or a mid to large corporate network.

Action1 free edition