I’d strongly recommend you reach out to your VAR, reseller, or HCL / IBM directly, and get some training offerings. It probably won’t cost as much as you think, and you might be able to enroll by yourself or through a local user group for a “Proof of Technology” which can often cost $0
A lot of the built-in processes in BigFix are based around company desires for strong configuration management - they expect an administrator to review and vet content before pushing it out. Most of this is not “fire-and-forget” like Windows Update where you never really know what patches are going to get installed. I haven’t used Server Automation much, but my understanding is that you could set up a maintenance plan to “Apply all baselines from site X” - but you are still expected to review the content and create the baselines.
You might look in to Patch Policies (which is an app available through the optional WebUI installation). That sounds a lot closer to what you’re looking for. You set a criteria for the patches to select (Microsoft/Critical), select a group of machines on which the policy applies, and define maintenance windows for when the fixlets get applied.