Hey bigfix folks need some help.
We use a combo of software tools to monitor vulns on our machines in our network and bigfix doesn’t pick up as many patches to the latest vulns as the others? I am looking to just use bigfix for patching.
Is this a license tier issue?
I’m new to bigfix and I’ve been reading that I can add more sites to pull from for detecting and pulling in fixlets?
To some degree, it depends on the type of vulnerability being detected. Do you have BigFix patches enabled for all of your operating systems where the client is deployed?
I suggest you explore Insights for Vulnerability Remediation (https://help.hcltechsw.com/bigfix/10.0/integrations/Ecosystem/Install_Config/c_welcome.html) for this requirement. It allows BigFix data and Vulnerability Scanner data to be correlated.
You will generally find more vulnerabilities identified than BigFix OS and application software patches available, since there are many ways for software to be vulnerable that are not addressed with a patch by itself. There may be configuration settings or it may be a piece of software not in the BigFix application software catalog.
It may also depend on your license. What type of license do you have? Bigfix Patch will give a good level of visibility and remediation for OS vulnerabilities that are addressed by a “patch” and a limited set of application but not necessarily vulnerabilities that scanners may pickup that may relate to other 3rd party apps or OS configurations. Other product subscriptions such as Bigfix Compliance, Bigfix Lifecycle or Bigfix Remediate give more functionality and a broader scope of content for other vulnerability that may not be covered by Patch, as well as providing the IVR module that @itsmpro92 referred to.