AutoElevate (CyberFOX) is an admin-elevation tool that lets standard users request and receive privilege escalation for approved tasks. Lavawall® delivers the same outcome — controlled elevation for one-off admin tasks — bundled with patching, GRC, breach detection, and helpdesk in a single platform, without a kernel-level agent.
Where Lavawall® wins for MSPs
No kernel driver, so no BSOD risk and no driver-signing breakage when Microsoft ships a kernel update.
Elevation handled in the same console as patching, GRC, breach detection, helpdesk, and remote support — one bill, one vendor.
Cross-platform: standard-user elevation patterns are addressed on Windows, macOS, and Linux from one console.
No callback to the cloud required for policy enforcement on isolated endpoints.
Designed by an MSP / audit firm (ThreeShield, CISSP / CISA) — built around audit-evidence requirements (CMMC 2.0, NIST 800-171, CIS, SOC 2) so elevation events become compliance evidence automatically.
Per-named-agent helpdesk pricing means elevation requests can flow through Lavawall® tickets without per-seat charges.
Where AutoElevate wins
Mature elevation workflow purpose-built around the standard user request → technician approve loop.
Established footprint with MSPs that have standardised on the AutoElevate interaction model.
Tight integrations with multiple RMMs (ConnectWise Automate, Datto RMM, NinjaOne, etc.).
Specialised reporting around elevation events.
Feature comparison
| Feature | Lavawall® | AutoElevate |
|---|---|---|
| Standard user → on-demand admin elevation | Yes | Yes — flagship feature |
| Kernel driver required | No | Architecture varies; historically agent-based |
| Bundled application control / allowlisting | Yes — without kernel driver | Available via partner stack |
| Bundled patching (Windows / macOS / Linux) | 7,500+ applications cross-platform | Not included — relies on RMM |
| Bundled GRC framework mapping | 15+ frameworks | Not included |
| Bundled M365 / Azure / Entra ID breach detection | Yes | Not included |
| Bundled helpdesk and remote support | Yes — same console | Not included |
| Cross-platform (Windows, macOS, Linux) | One agent on all three | Primarily Windows |
| Pricing model | Bundled into Lavawall® tier | Per-endpoint subscription |
Who should pick which?
Pick Lavawall® if…
You want elevation, application control, patching, GRC, breach detection, helpdesk, and remote support in one platform with one bill.
You support a mix of Windows, macOS, and Linux endpoints and want consistent elevation patterns across all three.
Your audit and insurance work requires elevation events to flow into your compliance evidence automatically.
You have been burned by kernel-driver outages and want elevation without that failure mode.
Pick AutoElevate if…
You have already trained your technicians on the AutoElevate request/approval model and have it deeply integrated with your RMM and helpdesk workflows.
You need AutoElevate-specific reporting integrations or partner-stack arrangements that Lavawall® does not yet provide.
Frequently asked
- Does Lavawall® replace AutoElevate?
- Lavawall® delivers the same business outcome — controlled, on-demand admin privilege for standard users — without a kernel-level driver, and bundles it with patching, GRC, breach detection, and helpdesk. Whether to retire AutoElevate depends on the depth of AutoElevate-specific workflow you have built.
- Is elevation logged for compliance evidence?
- Yes. Every elevation event in Lavawall® is captured in the audit trail and mapped to the relevant control families in CMMC 2.0, NIST CSF, NIST 800-171, CIS Controls, SOC 2, ISO 27001, HIPAA, and PCI DSS automatically.
- Does Lavawall® work on macOS and Linux?
- Yes. Lavawall® treats Windows, macOS, and Linux as first-class platforms from a single agent and console — including for elevation, patching, configuration assessment, and GRC evidence.