Install Rapid7 Insight Agent on macOS endpoints for continuous vulnerability scanning and threat detection
This Automox Worklet™ downloads and installs the Rapid7 Insight Agent on macOS endpoints. The Worklet first detects the endpoint's architecture (Intel x86_64 or Apple Silicon ARM64), then downloads the appropriate agent installer from Rapid7's servers.
The installation uses your Rapid7 User Token to register the endpoint with your Rapid7 account automatically. Once installed, the agent runs as a launchd service and begins scanning for vulnerabilities, misconfigurations, and security risks on your endpoints.
The Worklet includes built-in safety checks to prevent duplicate installations and handles cases where the agent exists but the service is not active.
Manual software deployment creates inconsistencies and delays across endpoints. Deploying Rapid7 Insight Agent at scale solves the vulnerability visibility problem across your macOS infrastructure. Without endpoint-level vulnerability scanning, security teams cannot detect compromised or unpatched systems until an incident occurs.
Using Automox to deploy the Rapid7 agent eliminates manual installation steps on hundreds or thousands of endpoints. The Worklet provides consistent deployment, standardized configuration, and immediate enrollment in your Rapid7 instance.
You gain continuous vulnerability intelligence, threat detection, and compliance visibility across your macOS fleet without requiring user intervention on each endpoint.
Evaluation phase: The Worklet checks if the Rapid7 Insight Agent is already installed by querying the launchd service list for the rapid7 service entry. If the service is active, no remediation is needed. If the agent directory exists at /opt/rapid7/ir_agent but the service is not running, the Worklet exits without reinstalling.
Remediation phase: The Worklet validates that the rapid7_token secret has been provided. It detects the endpoint's processor architecture using uname -p, then downloads the appropriate installation script (ARM64 for Apple Silicon, x86_64 for Intel). The script is executed with the install_start command and your Rapid7 token. The Worklet confirms successful installation by checking that the rapid7 launchd service is running and the agent executable exists at /opt/rapid7/ir_agent/ir_agent.
macOS 10.12 (Sierra) or later
Supported architectures: Intel x86_64 and Apple Silicon (ARM64)
Valid Rapid7 User Token stored as a secret input named rapid7_token
Administrative privileges to install system services
Network connectivity to download from us.storage.endpoint.ingress.rapid7.com
Active Rapid7 subscription with Insight Agent licensing
After the Worklet executes successfully, the Rapid7 Insight Agent runs as an active launchd service on the endpoint. The agent binary is installed at /opt/rapid7/ir_agent/ir_agent and communicates continuously with Rapid7's cloud infrastructure to perform vulnerability scans, security assessments, and threat detection. You can verify this change through the Automox Activity Log or by checking the endpoint configuration directly.
You can verify successful installation by checking the Rapid7 console for the endpoint's enrollment status and viewing vulnerability findings in your Rapid7 dashboard. The endpoint now appears in your Rapid7 vulnerability management program and receives continuous security monitoring.
Run this Worklet on a pilot macOS endpoint and review evaluation output for install rapid7 insight agent.
Confirm Automox activity logs show successful completion and exit code 0.
Verify endpoint state using checks aligned to evaluation script logic, such as function, return, else.
Validate remediation effects from script operations such as function, return, else, then rerun evaluation for compliance.


By submitting this form you agree to our Master Services Agreement and Privacy Policy.
Already have an account? Log in
Consider Worklets your easy button
A Worklet is an automation script, written in Bash or PowerShell, designed for seamless execution on endpoints – at scale – within the Automox platform. Worklet automation scripts perform configuration, remediation, and the installation or removal of applications and settings across Windows, macOS, and Linux.

AUTOMOX + WORKLETS™
Uncover new possibilities with simple, powerful automation.
By submitting this form you agree to our Master Services Agreement and Privacy Policy