What's New at Amplifier: July 2026

Purple-toned banner styled like a retro cassette tape, with "FRESH BEATS!" handwritten on the label. The Amplifier logo sits in the top left; bold white text on the right reads "New at Amplifier July 2026."

What's New at Amplifier: July 2026

Purple-toned banner styled like a retro cassette tape, with "FRESH BEATS!" handwritten on the label. The Amplifier logo sits in the top left; bold white text on the right reads "New at Amplifier July 2026."

Security teams lose more hours to chasing employees than to actual security work. The July 2026 Amplifier release is aimed at that gap: rapid response engagements that skip the scheduling queue, an expanded Automox integration, live training data from WorkRamp, and reminders employees can act on in one click. There's also a new Jamf case study with numbers worth borrowing for your next budget conversation.

Here's what shipped and how to use it.

Rapid response: skip the queue

Until now, an admin dealing with an active incident, a failed phishing test, or a fresh audit finding had one option: wait behind previously scheduled engagements. That delay lands exactly when exposure is highest.

Rapid response fixes the timing. Admins can now push urgent messages, phishing alerts, and specific training modules to a single employee or the entire company, immediately. No scheduling. No queue. Your team can act the same day a security event happens, and every delivery and completion is tracked, so the response holds up when auditors and boards ask what happened next.

Automox: expanded integration now available

Automox builds patch management software. Automox also runs Amplifier internally to hold its own fleet accountable, which tells you something about how well the two products fit together.

This release deepens the integration. Employees can now schedule required updates, reboots, and any worklet for a time that works for them, inside the windows IT defines, instead of absorbing a forced restart. Messaging urgency scales automatically as SLA deadlines approach. Every completed, delayed, or missed action shows up in real time and feeds straight into audit-ready risk reporting.

Automox joins a growing set of endpoint remediation connectors. You can browse the full integration list to see what's supported today.

WorkRamp: overdue training becomes a live finding

Overdue training is one of those problems that generates work without generating security. Someone exports a report from the LMS, cross-references it against the org chart, and starts sending emails. Repeat monthly.

Amplifier's expanded WorkRamp integration pulls Courses, Users, and Course Assignments directly into the platform. Amplifier handles pagination and call sequencing, so training data streams in continuously once the integration is connected. Overdue trainings surface as tagged findings on the employee's record and drop straight into similar remediation flows Amplifier already runs for an unpatched CVE or a missing agent.

Amplifier works with what you already have. For any team running WorkRamp, training completion becomes a live, verified signal, with no rip-and-replace required.

Reminders that let employees act in one click

June's release taught reminders to respect the calendar. July teaches them to carry their own context.

When an employee schedules a fix for later through Slack or Teams, the reminder now says exactly what was scheduled and includes a one-click button to act right there. No hunting back through old messages to figure out what you were supposed to do. Fewer steps mean fewer fixes that quietly slip.

New case study: 77% of a fleet patched in a week

Jamf and Amplifier published a case study on closing the remediation gap. The workflow: Jamf Protect flags a compliance gap, Amplifier attributes it to the right employee, then nudges them in Slack or Teams until it's fixed. No tickets required.

The numbers come from a national beverage distributor with roughly 1,900 employees. More than 1,000 iOS devices updated in one week, representing 77% of the mobile fleet, a job that previously took five IT staff about a month of manual outreach. Estimated savings: 809 hours.

Read the full story on the Jamf blog, or see how the Jamf integration works under the hood.

Summary

The July release closes the distance between a finding and a fix. Rapid response gets urgent engagements out the same day. The Automox and WorkRamp integrations turn patching and training completion into signals Amplifier can act on. And smarter reminders remove the friction between an employee's good intentions and a completed fix.

For a walkthrough of any of these capabilities, request a live, 20-minute demo today.

Frequently Asked Questions

Can Amplifier send urgent security engagements without waiting for a scheduled campaign?

Yes. Amplifier's rapid response capability, released in July 2026, lets admins bypass the engagement queue and deliver urgent messages, phishing alerts, or targeted training modules to one employee or the entire organization immediately through Slack or Microsoft Teams. Every delivery and completion is tracked, which gives security teams a verifiable, same-day response to active incidents, failed phishing tests, and audit findings, along with the reporting to prove the response happened.

How does the Amplifier and Automox integration work?

Amplifier connects to Automox so employees can self-schedule required updates, reboots, and worklets through Slack or Teams for a time that works for them, within windows IT defines. Messaging urgency scales automatically as SLA deadlines approach, and every completed, delayed, or missed action reports in real time into audit-ready risk reporting. Automox also runs Amplifier internally to manage its own fleet's patch compliance.

How does Amplifier handle overdue training in WorkRamp?

Amplifier's WorkRamp integration pulls Courses, Users, and Course Assignments directly into the platform, handling pagination and call sequencing so training data streams in continuously. Overdue trainings surface as tagged findings on the employee's record and enter the same remediation flows Amplifier uses for device and vulnerability findings, so a missed module gets resolved through automated engagement instead of a manual chase process.