Windows - Software Lifecycle - Install Rapid7 Insight Agent

What the Rapid7 Insight Agent Installer does

This Automox Worklet™ installs the Rapid7 Insight Agent on Windows endpoints. The Insight Agent provides real-time vulnerability assessment, endpoint detection and response (EDR), and asset visibility for organizations using the Rapid7 InsightVM or InsightIDR platforms.

The Worklet downloads the latest Insight Agent installer directly from Rapid7's S3 distribution URL and installs it using your organization's custom token. This token, configured as an Automox Shared Secret named "rapid7_token", links the agent to your Rapid7 platform instance.

The installation process uses a dedicated cache directory and includes proxy support. If the AUTOMOX_PROXY environment variable is set, the Worklet passes proxy configuration to both the download process and the agent installation arguments.

Why deploy Rapid7 Insight Agent through Automox

The Rapid7 Insight Agent is critical for organizations that use InsightVM for vulnerability management or InsightIDR for threat detection. Manual agent deployment across hundreds or thousands of endpoints requires significant IT resources and delays security coverage.

Automating Insight Agent deployment through this Worklet enables rapid security coverage expansion. You can deploy to new endpoints as they join your network, fill gaps in existing coverage, and maintain consistent agent versions across your fleet.

The Worklet integrates with Automox Shared Secrets to securely handle your Rapid7 installation token. This approach keeps sensitive credentials out of scripts while enabling automated deployment at scale.

How Rapid7 Insight Agent installation works

1. Evaluation phase: The Worklet searches Windows registry uninstall keys for "Rapid7 Insight Agent" in both 64-bit and 32-bit registry paths. If found, the endpoint is marked compliant. If not found, the endpoint proceeds to remediation.

2. Remediation phase: The Worklet verifies that the rapid7_token Shared Secret is configured, creates a cache directory, detects system architecture, downloads the MSI from Rapid7's S3 bucket (latest version), executes msiexec with CUSTOMTOKEN and optional HTTPSPROXY arguments, waits up to five minutes for completion, and removes the installer file.

Rapid7 Insight Agent installation requirements

• Active Rapid7 InsightVM or InsightIDR subscription

• Rapid7 Insight Agent installation token from your Rapid7 platform

• Automox Shared Secret named "rapid7_token" configured with your installation token

• Network connectivity to s3.amazonaws.com (or configured proxy)

• TLS 1.2 enabled for secure download

• Administrative privileges for software installation

Expected state after Rapid7 Insight Agent installation

After successful remediation, the Rapid7 Insight Agent appears in the Windows Programs list and registry uninstall keys. You can verify successful installation by checking the installed applications list in Control Panel or by searching for the application in the Start menu. The agent service starts automatically and begins communicating with your Rapid7 platform. The endpoint appears in your InsightVM or InsightIDR console within minutes.

Installation logs are saved to ProgramData\amagent\WorkletCache\WSE-458 for troubleshooting. The installer file is automatically removed after installation. Subsequent Worklet runs will detect the existing installation and exit without action.

How to validate install rapid7 insight agent changes

1. Run this Worklet on a pilot Windows endpoint and review evaluation output for install rapid7 insight agent.

2. Confirm Automox activity logs show successful completion and exit code 0.

3. Verify endpoint state using checks aligned to evaluation script logic, such as Secrets-Management, Write-Output.

4. Validate remediation effects from script operations such as Secrets-Management, Write-Error, New-WorkletCache, then rerun evaluation for compliance.