Read this guide for an introduction to BigFix Insights. Learn the concepts, terminology, and how to get started with using the feature.

Read this guide for an introduction to BigFix Insights. Learn the concepts, terminology, and how to get started with using the feature.

BigFix CVE Search dashboard and Web Report provide operators with ability to analyze vulnerabilities in their environment based on their CVE ID. For each CVE, operator can report on:

In the site list, find the site named CyberFOCUS. Click on the site and gather it.

CVE Search dashboard and web report also provide latest information on Known Exploitable Vulnerability (KEV) List provided by the Cybersecurity & Infrastructure Security Agency (CISA) Binding Operational Directive 22-01 (BOD 22-01).

CVE Search dashboard and web report provide ability to include/exclude non-relevant Fixlets from view and calculations. To do this, uncheck/check the “Show Relevant Only” checkbox respectively.

BigFix provides a unique view into patches that have been superseded by their vendor. By default, Fixlets for these patches get a relevance statement added to them to ensure that they will not evaluate as relevant on any system. However, a subset of these Fixlets can be evaluated using a “superseded evaluation” setting. Currently, this feature is supported for windows operating system patches.

CVE Search used to be published to the Vulnerability Reporting site that has since been deprecated. As of March 31st 2023, this site will no longer receive updates. To continue using CVE Search dashboard and Web Report, HCL recommends unsubscribing from the Vulnerability Reporting site and subscribing to the CyberFOCUS Site.

MITRE Advanced Persistent Threat Groups (MITRE APTs) web report obtains data published through the MITRE ATT&CK® Framework, analyses and compares it with the patch levels of the devices in your BigFix environment, and visualizes the analysis as a bar chart to help you take informed decision to mitigate the security threat.

CISA Known Exploited Vulnerabilities (KEV) webreport utilises the data provided by the Cybersecurity & Infrastructure Security Agency (CISA) KEV Catalog and the associated CISA due dates, analyses and compares them with the patch levels of the devices in your BigFix environment, and visualizes the vulnerability intelligence as a bubble chart to assess and prioritize the vulnerabilities.

PLA chart allows you to identify and prioritize all important patches (Fixlets) that are required to protect the device from possible vulnerability BigFix environment.

The Initiative Report provides an overview of CVEs (Common Vulnerabilities and Exposures) categorized by different computer groups found in the user's environment. Its purpose is to display the number of vulnerabilities across machines, giving insights into the distribution of vulnerabilities.

This module provides an overview and features of the BigFix ServiceNow Data Flow.

This section provides comprehensive information on the system requirements for Integration Services. Prior to service deployment, it is necessary for the user to possess the access outlined below.

In this module you can find fundamental concepts and terminology of BigFix ServiceNow Data Flow solution.

This module provides the steps to deploy the BigFix ServiceNow Data Flow solution.

Learn more about available Fixlets and Tasks for ServiceNow.

This module helps you update and validate configuration.

The following topics contain information on how you can work with the configuration file and settings, the CLI that comes with the package. They also describe how to use the log files for troubleshooting purposes.

The release notes outline the features, updates and patches that are included in each version of BigFix ServiceNow Dataflows, including the latest application updates.

This module provides comprehensive guidance on the installation, maintenance, and operation of the IVR v.4 service. It includes a detailed summary of the entire end-to-end workflow for using IVR v.4.

Welcome to the BigFix Insights for Vulnerability Remediation (IVR) documentation, where you can find information about how to install, maintain and use IVR service.

Traditional BigFix Patch content focuses on a limited set of vendors with a specialty in operating system and security patching. The Updates for Windows Applications – extended content site, provides coverage for upgrades to a growing list of third-party applications. This expansion helps you fill gap in proactive patching processes.

Learn the answers to frequently asked questions about updates for Windows applications - extended.

This section will help you to quickly cover the essential steps to start automating your software package workflows with Updates for Mac Applications Extended.

Enabling Updates for Mac Applications Extended site ensures that users receive the latest features, bug fixes, and security improvements for their installed apps.

You can view Fixlets and Tasks that you can take action on.

For an updated list of supported applications and current versions, see Mac third-party Apps.