Welcome
CISA Known Exploited Vulnerabilities (KEV): Overview
The Known Exploited Vulnerabilities (KEV) Content Pack is available as an add-on for BigFix. It is a collection of BigFix Fixlets that is derived from extensive research of the CISA KEV catalog, NVD, and Vendor Advisories. This KEV Content Pack provides BigFix operators with the ability to quickly identify endpoints with vulnerabilities that are high-risk and time-sensitive given that they are known to have been exploited or are actively being exploited.
Enable BigFix KEV Content Pack Site
Learn how to enable the Known Exploited Vulnerabilities (KEV) Content Packs and subscribe computers to the site.
Enable BigFix KEV Content Pack Site for Windows
Learn how to enable the Known Exploited Vulnerabilities (KEV) Content Pack and subscribe computers to the Windows site.

BigFix Documentation Homepage
BigFix AEX
Welcome to the BigFix AEX (Advanced Endpoint Management) documentation.
Runbook AI (Add-on)
The Runbook AI (Add-on) is designed for both BigFix Runbook AI administrators and end users who are working towards the resolution of IT support tickets. Its primary purpose is to help BigFix administrators to easily monitor the health of their servers and initiate well-informed recovery actions with specialized Runbooks AI.
CISA Known Exploited Vulnerabilities (KEV): Overview
The Known Exploited Vulnerabilities (KEV) Content Pack is available as an add-on for BigFix. It is a collection of BigFix Fixlets that is derived from extensive research of the CISA KEV catalog, NVD, and Vendor Advisories. This KEV Content Pack provides BigFix operators with the ability to quickly identify endpoints with vulnerabilities that are high-risk and time-sensitive given that they are known to have been exploited or are actively being exploited.
- Migration from old KEV site to new KEV site
  This section provides instructions on migrating from old Known Exploited Vulnerabilities (KEV) Content Pack to new Known Exploited Vulnerabilities (KEV) Content Pack by removing the older scanner binary, disabling the legacy KEV content, and enabling the new KEV content packs.
- Enable BigFix KEV Content Pack Site
  Learn how to enable the Known Exploited Vulnerabilities (KEV) Content Packs and subscribe computers to the site.
  - Enable BigFix KEV Content Pack Site for Windows
    Learn how to enable the Known Exploited Vulnerabilities (KEV) Content Pack and subscribe computers to the Windows site.
  - Enable BigFix KEV Content Pack Site for NIX
    Learn how to enable the Known Exploited Vulnerabilities (KEV) Content Pack and subscribe computers to the NIX site.
  - Enable BigFix KEV Content Pack Site for MacOS
    Learn how to enable the Known Exploited Vulnerabilities (KEV) Content Pack and subscribe computers to the MacOS site.
  - Enable BigFix KEV Content Pack Site for Mobile
    Learn how to enable the Known Exploited Vulnerabilities (KEV) Content Pack and subscribe computers to the Mobile site.
- KEV Scanner Policy Action Management
  BigFix provides four utility tasks to facilitate the deployment, execution, and configuration of the Known Exploited Vulnerabilities (KEV) Scanner. The KEV Scanner is necessary to identify certain CVEs (for more details on which CVEs require the KEV Scanner, refer to BigFix Wiki at BigFix Known Exploited Vulnerabilities (KEV) Content Pack).
Payment Card Industry (PCI) Add-on User Guide
The BigFix PCI DSS Add-On is a premium component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
RHEL ESU Add-On User's Guide
BigFix content supporting Red Hat's Extended Update Support (EUS) and Extended LifeCycle Support (ELS) patching program is available as an add-on to the BigFix Patch, BigFix Lifecycle, and BigFix Compliance products.
Service Graph Connector Integration
The Service Graph Connector is available as an add-on for integrating BigFix Inventory with your CMDB. The connector is designed to support common use cases and requires additional customizations to meet your specific business process requirements. Successful implementation of the connector requires thorough assessment and due diligence, and could involve modifications to input fields or the implementation of specialized reconciliation processes to align with your internal workflows.
Windows ESU Patch Add-On User's Guide
BigFix content supporting the Extended Support Updates (ESU) patching program from Microsoft® is available as an add-on to BigFix Patch, BigFix Lifecycle and BigFix Compliance.
BigFix Patch Workbench Add-On
This topic provides an overview of BigFix Patch Workbench, an automated solution that streamlines patch deployment, reduces tool fragmentation, integrates with ServiceNow, and enhances compliance and productivity across ITSM processes.
Add-ons guides in PDF format
Below is a comprehensive list of links to the Add-ons user guides available in PDF format, designed to assist users in navigating and utilizing the software effectively:

Enable BigFix KEV Content Pack Site for Windows

Learn how to enable the Known Exploited Vulnerabilities (KEV) Content Pack and subscribe computers to the Windows site.

Procedure

In the License Overview Dashboard, navigate to the Vulnerability Add On domain.
In the site list, find the Windows site and click Enable. The site gets enabled.
To subscribe computers to the Windows site, click the site name.
In the Computer Subscriptions tab, choose which subset of your BigFix client computers you want to subscribe to this site. Select one of the following options:
- All Computers. Select this option to automatically subscribe all Clients to the Windows site.
- No Computers. Select this option if you are not yet ready to subscribe any computers.
- Computers which match the condition below. Select this option to describe a set of criteria that must all evaluate to TRUE before a BigFix client is subscribed. From the drop-down menu, you can select from dozen of properties to test for inclusion.
For more details on how to subscribe computers to the Windows site, refer to Computer Subscriptions Tab.