BigFix Review

Increases our efficiencies on the remediation phase of our engagements and enables us to spend fewer consulting hours


What is our primary use case?

We rely on BigFix to provide patch remediations in conjunction with instant response engagements that we have. Once CyFIR finds a problem, we tend to leverage BigFix to automate the solution across the entire environment.

How has it helped my organization?

We rely on BigFix as part of our consulting engagements. It's more efficient from a visibility and discovery standpoint on the initial phase, the consulting engagement. It also increases our efficiencies on the remediation phase of our engagements. 

We use it to compare the current state of patch and diff that with where it should be and to also push CVE patches and things out that are specific to a problem we have found. 

The combination of CyFIR and BigFix has allowed one of our major customers, one of the top Fortune 50 financial firms in the world, to reduce their forensic investigator count by about 4 FTE with the combination of CyFIR and BigFix.

Compared to SCCM, it's much more robust, much more capable, and you can be much more targeted with SCCM. The challenge with SCCM is it doesn't have much of a discovery module, so if we're going in blind to a network, we really want to know what's there, not what they think is there. BigFix provides us that picture.

What is most valuable?

With BigFix, the ability to do device discovery and the installation of our CyFIR agent across the environment is a very autonomous, automatic-type function that is a very significant feature for us. We combine CyFIR and BigFix to provide a total cybersecurity solution, including computer forensics disk imaging, memory analysis imaging. As part of that, we tend to leverage BigFix from the remediation side and from the installation side. 

The peer-to-peer file transfers as a solution are fine.

What needs improvement?

I'd like to see better API integration with BigFix. We have some tremendous API capability inside of CyFIR and the ability to take textual search results, for example, and bring that back into the BigFix dashboard. This would be of extreme interest to us and our customers. 

What do I think about the stability of the solution?

It's very stable. 

What do I think about the scalability of the solution?

Scalability is very good. 

How are customer service and technical support?

Their technical support is very responsive. 

If you previously used a different solution, which one did you use and why did you switch?

We're always looking for innovation and the most efficient and effective way to serve our client base. BigFix came up on our radar as part of that continual enhancement search.

How was the initial setup?

From our perspective, it's a pretty easy engagement. It's not just for our network; we use this for our engagements with our clients, so the complexity is typically not introduced by BigFix but by the customer client networks and their specific requirements.

What about the implementation team?

We implemented it ourselves. 

What was our ROI?

The fewer consulting hours that we spend is ROI for us. BigFix enables us to produce maximum results.

What other advice do I have?

I would rate it a 9.5 out of ten. It's pretty close to being perfect. It's stellar.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.