Welcome
BigFix SaaS User Guide
This guide is for the regular users of BigFix SaaS.
Integrated Vulnerability Remediation
Integrated Vulnerability Remediation (IVR) provides a real-time overview of security vulnerabilities categorized by severity, using both the Common Vulnerability Scoring System (CVSS) and the Vulnerability Priority Rating (VPR). Use this feature to configure data sources, visualize vulnerability data in charts, and manage individual vulnerabilities in a detailed table. You can remediate vulnerabilities directly from the dashboard and export the data.

BigFix Documentation Homepage
BigFix SaaS Documentation
Welcome to BigFix SaaS, your comprehensive solution for cloud-based endpoint management. BigFix SaaS combines the reliability and control of BigFix with the flexibility of the cloud. Whether transitioning from an on-premises setup or exploring new possibilities, BigFix SaaS delivers simplicity, scalability, and security.
BigFix SaaS Overview
BigFix SaaS is a software-as-a-service based endpoint management platform that automates the management, patching, and inventory of nearly 100 different operating system versions.
Introduction
BigFix SaaS is an endpoint management platform that automates patch management and inventory across various operating systems and apps. Benefits include cost savings, accessibility, scalability, automatic updates, quick deployment, reliability, high compatibility, SaaS security, and reduced hardware requirements.
Getting Started with BigFix SaaS
This guide helps you get started with BigFix SaaS solution for managing your endpoints. BigFix SaaS is designed to simplify and streamline the management of users, devices, and deployments within your organization.
BigFix SaaS User Guide
This guide is for the regular users of BigFix SaaS.
- My Dashboard
  My Dashboard is the main page where users can add devices to their deployment and access additional functionality through icons for notifications and user profiles. The platform allows customization with light or dark mode at the account level, affecting all users.
- Custom Remediation
  Remediate devices on demand using your own Bash, PowerShell, or Action Scripts. Ideal for applying quick fixes, registry changes, or patching apps not covered by default content.
- CyberFOCUS
  CyberFOCUS is a threat intelligence and remediation feature within BigFix SaaS Remediate that provides visibility into CISA KEV (Known Exploited Vulnerabilities) and MITRE ATT&CK reports. It enables users to assess their security posture and take proactive remediation actions based on real-world threat intelligence.
- Deployment Manager
  The Deployment Manager in BigFix streamlines the process of executing actions on devices within a deployment. It allows users to initiate and monitor deployments, which can range in complexity from quick tasks completed in minutes to more involved processes that may take days to finish on all targeted devices.
- Device Explorer
  Use the Device Explorer Dashboard in BigFix to explore all connected devices in table and chart formats. Filter, sort, add devices, perform remediation, schedule maintenance, and export reports—all from one unified view.
- Fixlet Explorer
  Fixlet Explorer enables users to view and manage Fixlets, which are sets of instructions for the BigFix agent to execute on devices. Users can filter and deploy Fixlets, access detailed information on CVEs, and navigate through a data table displaying relevant Fixlet details.
- Fixlet Streams
  Fixlet Streams help to automate the process of remediating endpoint vulnerabilities, such as patch and update deployments, while offering flexibility for manual intervention when critical issues arise. The feature ensures routine security and compliance tasks are handled efficiently, freeing up IT teams to focus on strategic initiatives. Additionally, it allows for ad-hoc remediation, enabling swift responses to urgent issues like zero-day vulnerabilities.
- Protection Level Agreement (PLA)
  Protection Level Agreements are a set of baselines that combine device contexts, and desired patch levels and compliance standards for a given set of Fixlets against agreed-to organisational service levels by key stakeholders including IT, Security, and the overall organization.
- All Reports
  The All Reports page provides a central location to view, manage, and organize all reports available in BigFix SaaS. From this page, you can apply filters, delete reports, and manage report visibility. You can also mark reports as Favorites.
- User Management
  The User Manager application in BigFix SaaS provides administrators with a robust interface to efficiently manage user accounts, roles, permissions, and activities in BigFix SaaS. This guide walks you through the process of creating new users, disabling or deleting existing users, setting passwords, managing roles, and more, ensuring you have a smooth and efficient experience.
- Integrated Vulnerability Remediation
  Integrated Vulnerability Remediation (IVR) provides a real-time overview of security vulnerabilities categorized by severity, using both the Common Vulnerability Scoring System (CVSS) and the Vulnerability Priority Rating (VPR). Use this feature to configure data sources, visualize vulnerability data in charts, and manage individual vulnerabilities in a detailed table. You can remediate vulnerabilities directly from the dashboard and export the data.
  - IVR Dashboard
    The Integrated Vulnerability Remediation (IVR) Dashboard is your central hub for managing security risks. It displays vulnerability data automatically fetched from external scanners (such as Tenable). The system checks for new data sources every 10 minutes and refreshes data for existing data sources every 12 hours. This consolidated view supports the correlation of external scanner data with BigFix content, enabling you to efficiently process the remediation flow.
  - Creating New Datasource
    This module explains how to add a new data source to the Integrated Vulnerability Remediation (IVR) SaaS application.
  - IVR Remediation Flow
    The remediation workflow in Integrated Vulnerability Remediation (IVR) allows you to address vulnerabilities by deploying relevant Fixlets to affected devices. This process is managed through a unified wizard that guides you through selecting content, targeting devices, configuring behavior, and scheduling the deployment.You can initiate the remediation process for multiple vulnerabilities at once from the main dashboard, or focus on a specific vulnerability from its details page.
Guides in PDF format
This section contains links to PDF versions of all the BigFix SaaS product guides.
Frequently Asked Questions

Integrated Vulnerability Remediation

Integrated Vulnerability Remediation (IVR) provides a real-time overview of security vulnerabilities categorized by severity, using both the Common Vulnerability Scoring System (CVSS) and the Vulnerability Priority Rating (VPR). Use this feature to configure data sources, visualize vulnerability data in charts, and manage individual vulnerabilities in a detailed table. You can remediate vulnerabilities directly from the dashboard and export the data.

To access the IVR dashboard from BigFix SaaS, go to Resolve > Integrated Vulnerability Remediation.

Note: The Integrated Vulnerability Remediation link appears in the navigation pane only if your user role includes permission to access the IVR application. If you do not see this option, contact your BigFix administrator. For more details, see User Management.