BigFix provides an endpoint management and security platform. The keynote presentation outlines challenges with endpoint security and management. It then details how BigFix offers a single platform to securely manage all endpoints through intelligent automation, continuous compliance, vulnerability remediation, and integration capabilities. BigFix claims to consolidate tools for reduced costs and complexity while accelerating security initiatives like zero trust.
3. 3
Endpoint Security is a Universal Challenge
• Skills shortage: In 2023, there are about 3.5 million unfulfilled cybersecurity jobs
• Compliance mandates: Regulatory fines can cost millions for large global brands
• Long remediation times: Nearly 1/3 of all detected vulnerabilities remain unremediated after a year
• Too many tools and agents: A typical organization uses 14 endpoint management tools
• Lack of visibility: No consolidated single management view of all endpoints increases security risk
Endpoint Security is essential, but challenging
“things” to secure personal data records stolen lost to cybercrime
4. 4
Endpoint Management and Security Challenges
IT Operations
Too many OS-specific tools, agents, consoles
Work from Anywhere
Reduce IT Costs
Reduce software cost
Manage Multicloud
Manage IoT and kiosks
Cyber Security
Remediate Vulnerabilities Fast
Zero Trust Initiatives
Secure the Enterprise
Maintain Continuous Compliance
Find vulnerable software
5. OT
BigFix Endpoint Management
Secure and manage all endpoints
Diagram labels: Customer HQ, Remote Office (x3), Data Center, Satellite, ISDN, 56K, T1, Mobile, IoT, Hotel, Cafe, Airport, Google, Azure, AWS, Kiosk, ATM, Home, Internet
6. 8
BigFix: The Endpoint Management Platform
Analyze
An open data analytics platform providing insights, historical and trend reports
Discover inventory
• Discovery and enrollment
• Hardware and software inventory for over 100k titles
Continuous compliance and patch
• CIS, PCI-DSS, DISA-STIG
• Eliminate configuration drift
Vulnerability remediation
Correlates vulnerabilities from Tenable and Qualys to bridge the Sec/Ops gap and reduce attack surface
Intelligent automation
Fully automated operations for any endpoint
• Distribution
• Hardening
• Patch
• Compliance
Manage
• Desktop, server, cloud and mobile
• End user self-service
• Remote desktop control
• Power Management
Integrate
Integrations with 12+ market leading products including ServiceNow, Tenable, Qualys, QRadar and more
7. 12
“Point in time” Versus Continuous Compliance
BigFix Agent…
• Continuously enforces policies
• Reports change immediately
99%+ compliance commonly achieved!
8. 13
BigFix CyberFOCUS Technology
The industry’s first vulnerability remediation solution that combines threat intelligence-based CVE prioritization, prescriptive analytics and the broadest device coverage to help organizations stay protected ahead of emerging threats.
11. 17
Top Reasons Customers Buy BigFix
• Consolidate tools for reduced cost, complexity and risk
• Accelerate Zero Trust and other security initiatives
• Keep all endpoints continuously patched and compliant
• Remediate vulnerabilities faster to maintain business continuity
• Reduce annual software costs while fostering use of current, most secure, software versions
• Securely Manage “Work From Anywhere” Initiatives
• Industry’s Broadest Array of Automation and Out-Of-The Box Content
12. 18
HCL BigFix at a Glance
• 100,000,000+ endpoints managed worldwide
• 47 countries
• 100+ supported operating systems
• 100,000+ software titles inventoried
• 500,000+ ready-to-deploy content
• 20,000+ out-of-the-box compliance checks
14. 20
HCLSoftware
Delivering software that fulfils the transformative needs of clients around the world
• $1B enterprise software business
• 50 countries
• 50+ products
• 15,000+ enterprise customers
• 4,500+ employees worldwide
4 areas of expertise
• Enterprise Security
• AI & Automation
• Digital Transformation
• Data & Analytics
15. 21
Source: Predicts 2022: Cybersecurity Leaders Are Losing Control in a Distributed Ecosystem - Published 24 January 2022
• Cybersecurity is turning into a social phenomenon. Investor interest, public pressure, employee demands, and governmental regulations are strengthening the incentives for organizations to track and report cybersecurity goals and metrics
• Customers are increasingly expressing concern and interest in the cybersecurity posture of the organizations that they conduct business with.
• 88% of boards regard cybersecurity as a business risk rather than solely a technical IT problem
• Traditional culture improvement efforts that focus exclusively on awareness are failing to facilitate secure behavior
• Executive performance evaluations are increasingly linked to an ability to appropriately manage cyber risk within their parts of the business.
16. Internet/Firewall Connected
Corporate/Remote Offices/ATM/PoS/Desktops etc.
Real-time visibility, scalability, and ease of use
Lightweight infrastructure
• Use existing systems as relays
• Built-in redundancy
• Support / secure roaming endpoints
• Single Port (52311)
• API Servers for extension to Cloud and Mobile
Cloud-based content delivery
• Highly extensible
• Automatic, on-demand functionality
• 500K+ Published Fixlets.
• New content added daily + community. (BigFix.me)
• To BigFix Server Only!
Single server and console
• Highly secure and scalable
• Aggregates data, analyzes and reports
• Pushes out pre-defined / custom policies
• Can be on WAN or Cloud
Flexible policy language (Fixlets)
• Thousands of out-of-the-box policies
• Best practices for operations and security
• Simple custom policy authoring
• Highly extensible/applicable across all platforms
• Use Relevance, PowerShell and others
Intelligent agent
• Performs multiple functions
• Continuous self-assessment and policy enforcement
• Minimal system impact (< 2% CPU)
• Approximately 15MB RAM
• API Registration
Open Architecture
• REST API
• ServiceNow
• Qualys
• Tenable
• Forescout
• Aruba
• Nutanix
Diagram labels: Content Repository, BigFix Server, Relay, WAN Connected, MCM API, MCM/API Server(s), Remote Users, Laptops / Mobile
17. 23
Consolidate, Simplify and Optimize
Many tools, consoles and teams
A single platform to manage every endpoint
18. 24
New Challenge of 2023: Blocking Threats Before the Attack
• 60% of breaches occur because a patch was available for a known vulnerability but not applied
• 60 days for an organization to remediate critical vulnerabilities
• <15 days for attackers to exploit a discovered vulnerability
IT Ops needs to get ahead of the latest threats
Align IT with security
Automate Vulnerability Remediation
19. 25
Technology Explosion Creates Complexity
• Every solution has an agent
• Every agent has a console
• Every console requires a server or cloud instance
• Every tool requires staff, training, maintenance, and support
Where does it end?
At what cost?
20. 26
Endpoint Management for Every Part of Your Organization
Support for 100+ operating systems and variants
Integrations with ServiceNow, Tenable, Qualys, Nutanix, IBM, VMWare, AWS, Google Cloud, Azure and others
User Workspace Management
• Deep automation for clients and mobile to easily solve the latest user endpoint demands in the market
Secure Infrastructure Automation
• Intelligent automation of servers and cloud assets
• Security & risk management compliance
Software Asset Management
• Software cost management
• License optimization
• Software auditing
CyberFOCUS Security Management
• Help alignment of security and operations
• Help C-suite balance security and business
• Prove cyber risk reduction
21. 27
Improve management and control of end user computing devices including laptops, desktops, phones and tablets while enabling self-service IT.
Provides
• Total User Workspace Management
• User self-service
• User experience management
• CyberFOCUS Analytics
• Fast Vulnerability remediation
• Enforced compliance
• Remote desktop control
BigFix Lifecycle
BigFix Mobile
Endpoint Management for Every Part of Your Organization
22. 28
Endpoint Management for Every Part of Your Organization
Improves security and control of on-prem and cloud servers using a single comprehensive management platform.
Provides
• Effective patch management
• Intelligent server automation
• OS updates and deployment
• CyberFOCUS Analytics
• Continuous compliance
• Remote control
• Ready-to-deploy content
BigFix Lifecycle
BigFix Compliance
23. 29
Endpoint Management for Every Part of Your Organization
Optimizing software cost management through license inventory, usage tracking and audit-ready reports.
Provides
• Software catalog with 100,000+ titles
• Software usage reporting
• Identification of over-deployed titles
• Identification and optional removal of risky and unauthorized software
BigFix Inventory
24. 30
Endpoint Management for Every Part of Your Organization
Aligns security and operations to remediate vulnerabilities faster, ensure compliance across the enterprise and better manage security and risk across all endpoints in the enterprise.
Provides
• Insights for Vuln Remediation
• CISA KEV Analyzer
• MITRE APTs Vuln Simulator
• Protection Level Agreements
BigFix Lifecycle
BigFix Compliance
BigFix Remediate
27. 33
CISA KEVs Exposure Analyzer
1. Identifies priority exposures to CVEs in CISA’s Known Exploited Vulnerabilities Catalog based on whether BigFix patched the CVEs
2. Compares your environment to the CISA-directed due dates for the CVEs, and your performance against those due dates
3. Provides information on number of devices exposed and device vulnerability density. Prescribes the biggest attack surface gaps that need to be patched
4. Correlates the BigFix Patch Content needed and the unpatched devices regarding the CVEs in question to protect the org
28. 34
Advanced Persistent Threat CVE Analyzer
1. Confirms priority exposures to CVEs known to be used by MITRE ATT&CK Groups based on whether BigFix patched the CVEs
2. Includes the CVE Remediation Simulator to do instant, real-time ‘what if’ analysis of changes in your vulnerability attack surface to prescribe remediations having the most protective power with the least disruption
3. Provides information on number of devices exposed and device vulnerability density. Prescribes the biggest attack surface gaps that need to be patched
4. Correlates the BigFix patch content needed and the unpatched devices regarding the CVEs in question to provide immediate protection
29. 35
Protection Level Agreements
Measure performance of remediation against business-driven targets
Critical security patches for online banking servers for Cobalt Group CVEs
✓ Aligns IT Operations with Business Objectives, balancing business objectives/goals with cyber risk tolerance
✓ Leverages baselines that combine asset criticality, CVE criticality, desired patch levels, and compliance standards against agreed-to organizational service levels
✓ PLA report shows remediation performance against specific asset groups
30. 36
Typical Vulnerability Remediation using current tools
Vulnerability Remediation using BigFix
Current
• IT is at the end of the process
• Research and Fixes are manual tasks taking weeks
• Management activities organized by OS
• Remediations are prioritized manually
• WEEKS / MONTHS
BigFix
• Automates correlation and research
• Automates Fixlet creation
• Activities are OS-independent
• Speeds patching and vulnerability remediation
• Allows IT Ops to stay ahead of the threat
• HOURS / DAYS
33. 45
BigFix Offerings Comparison
Columns: Key Capabilities, BigFix Patch, BigFix Lifecycle, BigFix Compliance, BigFix Remediate, BigFix Inventory, BigFix One on Cloud
Comprehensive patching ✓ ✓ ✓ ✓ ✓
Pre-built and tested OS patch content ✓ ✓ ✓ ✓ ✓
Extended catalog of 3rd party apps for Windows ✓ ✓ ✓ ✓
Vulnerability remediation with CyberFOCUS Analytics ✓ ✓ ✓ ✓
Data analytics/integration platform ✓ ✓ ✓
Software and OS distribution and updates ✓ ✓
Server automation / task sequencing ✓ ✓
Desktop control and energy management ✓ ✓
Configuration checklists for CIS, PCI-DSS, and DISA STIG containing more than 20,000 checks ✓ ✓
Continuous compliance policy enforcement ✓ ✓
Security configuration management ✓ ✓
Multi-vendor anti-malware management ✓ ✓
Hardware inventory ✓ ✓
Software inventory with catalog of 100,000+ titles ✓ ✓
34. Optimize Your IT/Security Operations With BigFix
Chart axes: Cost: CAPEX and OPEX; Operations Optimization Level
Chart labels:
• Ad hoc patching
• Infrequent vulnerability scanning
• Multiple endpoint management tools
• Management Siloes for mobile, laptop, servers
• Siloed Vulnerability management
• Vulnerability Prioritization based on CVSS
• Manage to Protection Level Agreements
• Compliance enforced automatically
• Zero Trust endpoint management
• Continuous vulnerability assessment
• All endpoints visible and managed
• Single Endpoint Management Platform
• Cloud Endpoint Management
• IT Operations and Security aligned and data integrated
35. 47
Optimized IT Operations with HCL BigFix
Level 0: Non-existent
Visibility
• Many endpoints are undiscovered
Management
• Ad hoc patching
• No vulnerability scanning
• Manual vulnerability assessments
• No outbreak action plan
Standard support
• No cloud security assessment
• No Zero Trust endpoint management
Level 1: Scanning
Visibility
• Vulnerability assessment performed by external party annually
Management
• Multiple endpoint management tools
• Siloed processes for mobile, laptop and server
Standard support
• No Zero Trust endpoint management
Level 2: Assessment and compliance
Visibility
• Regulatory reporting requirements
Management
• Vulnerability management solution in place
• Scheduled vulnerability scanning
• Basic outbreak action plan
Standard support
• Assessing Zero Trust endpoint management
• Implement Microsoft Autopatch
Level 3: Analysis and prioritization
Visibility
• Emerging metrics and trends
• Vulnerability scan data provided in spreadsheets to IT
Management
• Remediation with a risk prioritization model
• Scan data prioritized through analytics
• Measurable processes
Standard support
• Implementing some elements of Zero Trust endpoint management
Level 4: Attack management
Visibility
• Attacker and threat focused
• Multiple threat-vectors scanned and prioritized
• Threat-driven metrics and trends
Management
• Patching based on risk to critical assets
• Direct integration with vulnerability scanners and ITSM systems
• Single tool and processes for user workspace and data center operations
Standard support
• Implementing Zero Trust endpoint management
Level 5: Business risk management
Visibility
• Visibility of all endpoints
Management
• Every device and OS managed via single tool
• Threat and risk aligned with business goals
• Create and Manage to Protection level agreement
• All threat-vectors scanned and prioritized
Standard support
• Automated, real time audit reports
• Continuous compliance
• Zero Trust endpoint management implemented
36. 48
BigFix and Zero Trust
What is Zero Trust?
Zero Trust is an information security model that denies access to applications and data by default. Threat prevention is achieved by only granting access to networks and workloads utilizing policy informed by continuous, contextual, risk-based verification across users and their associated devices.
Core Tenets of Zero Trust
o All entities are untrusted by default.
o Least privilege access is enforced.
o Comprehensive security monitoring is implemented.
Source: https://www.forrester.com/blogs/the-definition-of-modern-zero-trust/
BigFix addresses key elements of NIST 800-207
2.1.5 – The enterprise monitors and measures the integrity and security posture of all owned and associated assets.
2.1.7 – The enterprise collects as much information as possible about the current state of assets, network infrastructure and communications and uses it to improve its security posture
3.3 – Trust Algorithm: BigFix feeds the TA. Supports the Asset Database with the known status
Enforce Continuous Compliance and Secure DevOps Processes
3.0 – Continuous diagnostics and mitigation (CDM) system: This gathers information about the enterprise asset’s current state and applied updates to configuration and software components.
3.1 – Industry compliance system: This ensures that the enterprise remains compliant with any regulatory regime that it may fall under (e.g. FISMA)
38. 50
BigFix Multiplatform Patching
✓ BigFix unifies patching across Windows, UNIX, Linux and macOS (~100 different operating system versions are supported)
✓ Patch with greater than 98% first pass success rate, significantly reducing remediation of failed patches
✓ Leverage ready-to-deploy content, built and tested by HCL BigFix for supported operating systems, 3rd party applications, databases and middleware
✓ Realtime monitoring of patch deployments
✓ “Invisible” impact on workstation or network performance by using bandwidth throttling for low-speed connections and an agent that requires <2% CPU
39. 51
BigFix Pre Packaged Content Offerings
• macOS Apps
• 3rd Party Windows Apps
• Microsoft Windows Apps
• Extended 3rd Party Windows Apps
• Windows ESU content
• RHEL ESU content
• CISA KEV content pack
Diagram labels: BigFix add-ons, BigFix Patch, BigFix Lifecycle, Compliance, Remediate
41. 53
BigFix Helps United Parcel Service Improve uptime and speed delivery
Uses BigFix Lifecycle to distribute SW and patches. Pandemic increased VPN traffic from 15,000 devices to 44,000 without a hitch
• 216,000 client devices managed
• 44,000 servers managed
• 251,000 devices inventoried
42. 54
BigFix Helps AIS Reduce Risk
Improve uptime and speed delivery
Advanced Integrated Solutions (AIS) provides technical and field services to support environmental, building and infrastructure projects throughout North America.
• 90,000 endpoints managed
Advanced Integrated Solutions (AIS) supports the US Federal Government’s deployment of Information Security Continuous Monitoring (ISCM), the Continuous Diagnostics and Mitigation (CDM) Program
43. BigFix Helps Alight Reduce Software Cost and Risk
Alight Solutions Videos: Customer focus and Customer roundtable
Using BigFix Inventory, Alight Solutions has reduced software spend by eliminating unnecessary software while reducing risk of expensive software audits.
“What I like about BigFix Inventory is that it gives you a valid point of view you can give an auditor.”
44. 56
Top Reasons Partners Engage BigFix
• Increased Productivity = Increased Profitability
• On Demand Technical Enablement and Sales Support
• Thought Leadership to Align IT and Security
• New, Profitable Implementation, XaaS and MSP Services
• Management Consulting for Protection Level Agreements
• Scales to all size customers and industries