Try our new research platform with insights from 80,000+ expert users

BigFix vs Microsoft Defender for Endpoint comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

BigFix
Ranking in Endpoint Protection Platform (EPP)
22nd
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
96
Ranking in other categories
Configuration Management (6th), Patch Management (2nd), Unified Endpoint Management (UEM) (4th)
Microsoft Defender for Endp...
Ranking in Endpoint Protection Platform (EPP)
1st
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
192
Ranking in other categories
Advanced Threat Protection (ATP) (2nd), Anti-Malware Tools (1st), Endpoint Detection and Response (EDR) (3rd), Microsoft Security Suite (5th)
 

Mindshare comparison

As of April 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of BigFix is 1.1%, up from 0.8% compared to the previous year. The mindshare of Microsoft Defender for Endpoint is 10.9%, down from 14.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Bella Yakoby - PeerSpot reviewer
Offers third-party patching feature, good scalability, and enhance endpoint management capabilities
From the perspective of the team that's handling the environment, it's not so user-friendly compared to other solutions, the competitors. We hire new teams from time to time, and they are complaining, look, although BigFix is very robust and cross-platform, it's not so fun to work with. The user interface for the technical teams is not so advanced. It's not so intuitive compared to SCCM, compared to ManageEngine. And this is the fact that they have, with the teams, because they have the rejection. The look and feel of the system are old-fashioned. For new employees, it's less easy to find someone I don't need to educate on how to work with BigFix. Although it's easy, it's not as intuitive as the other solutions, and the functionality of the other solutions is less advanced. Let's summarize: The user interface has to be changed from the perspective of the teams that are managing the product. It's old school.
AnuragSrivastava - PeerSpot reviewer
Provides detailed visibility into threats but the ability to add exceptions needs improvement
One major item for improvement is the ability to add exceptions. We can add some exceptions, but not at the level we need to. The second major area for improvement involves enhanced capabilities for different operating systems or platforms. That is, even though we have coverage for different operating systems or platforms such as Linux, we don't get all of the controls and enhanced capabilities that are available with Windows devices. Reporting could also be improved because, at present, we get limited results at times. For example, in an environment with more than 100,000 devices, you may just get 10,000 results when you run a report.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is the patching."
"The best feature of BigFix is its multi-platform support."
"Between the user groups, the community, the AVP support, the direct access via technical route and the PMR support, half the time I don't even need to do a formal PMR because the solutions from the community resolve whatever issues we're having. It's the best community and support based system I've ever used."
"It is pretty secure, and it gives extensive vulnerability features as compared to other applications. It supports multiple languages, and the security checks are pretty high as compared to other tools in the market."
"The older version of the tools that I use also included the connectivity aspect, and the fact that the tool now has it separate from the collection of usage data makes the deployment of these tools much easier."
"Patch management, because it very much improved the patch compliance and has the capability to manage Windows and non-Windows clients."
"I think BigFix is a very good solution, and I rate it ten out of ten."
"It allows for visibility into the OT, the industrial environments, that didn't exist before which is a big piece and has benefited my organization. Second, the speed at which people can patch is night and day versus SCCM scan or another similar solution."
"Its simplicity is the most valuable. It also has very good integration. We like it."
"The notification and reporting features are most valuable because we are part of a compliance project, and maintaining SOC 2 compliance is critical."
"The best part is that it is built into Windows, whether it is a server base or a desktop base, which gives more control over the operating system. Because Defender, the operating system, and the Office solution are by Microsoft, everything is working like hand-in-glove. Its administrative overhead is less because a desktop user has already got some experience of how to handle a Microsoft Defender notification or administer it."
"Microsoft Defender for Endpoint is a comprehensive and scalable solution for protecting on-premises and hybrid infrastructure."
"Ensures that I'm working with a product that gets updated regularly without me having to remember to do it. Since it's a Microsoft product, I'm confident that it requires a low use of system resources. The benefit of that being that my computer isn't constantly being drained."
"Defender is integrated into the operating system. It's integrated with everything. You don't have to spend time analyzing what you have to do to be sure that the integration is okay between the security tool and all the other apps. This, from my point of view, is the main advantage."
"It does not make Windows slow, as compared to all of the third part antiviruses."
"Overall, I recommend Microsoft Defender for Endpoint due to its features and capabilities, which cover more loopholes than other EDR solutions."
 

Cons

"I remember doing restarts a few times. So, making sure that it is rock solid from an executable perspective is important."
"The only thing that I don't like about BigFix is that it does not support other devices such as printer firmware, router firmware, and things like that. I will be happy if I can control everything and get everything else in there, even if it is just a line item. They can do some enhancements to the Web UI. I am trying to get customers to be able to manage their environment by using Web UI, and it would be good if we can delete endpoints by using Web UI. We should also be able to generate Excel content or data tables from the Web UI without having to go to the console. It is small stuff, and it drives me crazy that I have to go to another console to do these things."
"We're a partner, so we deliver technical support to customers. When we need to talk to the product support, traditionally, with the product over the last five years, I would not say support has been supportive. I hope that changes."
"The new EDR (Endpoint Detection and Response) feature, Detect, is new and still needs a few updates."
"The product should become cloud-based. Also, the peer nesting ability of the product is a little backward."
"I would like to see improvements in the Web UI program and also a BigFix console for Mac OS."
"I'd like to see better API integration with BigFix. We have some tremendous API capability inside of CyFIR and the ability to take textual search results, for example, and bring that back into the BigFix dashboard. This would be of extreme interest to us and our customers."
"The reporting structure could be a little more simplistic. Currently, it throws too many vulnerabilities. Some of them are not needed because they are only informational and limitations, and they are not of much help. It doesn't need to show us these things."
"The integration and effectiveness of email security could be better. It's already built-in to the solution and checks emails, scans the links they contain etc."
"The pricing could be a bit better."
"We encountered some issues when we were trying to enable automatic updates from our group policy."
"I have accounts for administrators and corporate employees, but I also have accounts for students. I can't split these types of accounts. I need a separate configuration for both... I need to research how I can get alerts for only the administrative machines."
"The time it takes to implement policies has room for improvement."
"Microsoft Defender for Endpoint could improve by making the reporting better."
"I want Microsoft Defender to have the ability to deal with some issues automatically, so I don't need to address that issue manually."
"The product should reduce updates since it is hard to keep up."
 

Pricing and Cost Advice

"You get what we call the Platform Edition, which you get for free. The patch service is maybe $0.50 per workstation per month. Then there's the basic server cost, which is about $1.50 per server per month. You also get into Lifecycle which does power management, OSD remote control, and those types of things, and that might be about 10 times the price - which works out to about $13 per server and, maybe $5 per workstation per month."
"The price of BigFix could be lower. However, I am always seeking a lower price."
"The price is very fair."
"So, the pricing is slightly more expensive than the others. I have to keep buying licenses every time I add a new device."
"On a scale from one to ten, where one is expensive and ten is cheap, I rate the solution's pricing one out of ten."
"The price is reasonable, but our customers find it expensive."
"The product is less costly when compared to other solutions, and this is a good solid solution for what we have paid."
"We have a subscription-based contract with BigFix."
"I pay for it through the Windows Professional or Standard license. It is a one-time cost for me, and I use the same license."
"Licensing fees are paid annually through a partner."
"We have the E5 security license, and the solution comes with that."
"Microsoft Defender for Endpoint can be costly as a standalone solution."
"Microsoft Defender ATP is expensive."
"The price of Microsoft Defender for Endpoint is reasonable. Other solutions are more expensive, such as ClowdStrike."
"We have an enterprise agreement so from my perspective, this is a product that ships with Windows and it is not priced standalone."
"Microsoft Defender for Endpoint is cost-effective because there's one unified license, and with this unified license, you get the capabilities for your cloud applications, servers, and endpoints as well. Therefore, it saves us a lot of money because the cost with other solutions is for just one piece of OS or maybe an urban environment. The licensing process is not complex as well."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
47%
Financial Services Firm
8%
Government
6%
Computer Software Company
6%
Educational Organization
26%
Computer Software Company
11%
Government
7%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about BigFix?
The most valuable features of the solution are Windows patching and the hardware and software inventory.
What is your experience regarding pricing and costs for BigFix?
The pricing is competitive, but not the most competitive.
What needs improvement with BigFix?
Implementing a business solution with BigFix has some issues, primarily concerning the time required for distribution to clients if there are too many. Building a management console is quick and si...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
Which offers better endpoint security - Symantec or Microsoft Defender?
We use Symantec because we do not use MS Enterprise products, but in my opinion, Microsoft Defender is a superior solution. Microsoft Defender for Endpoint is a cloud-delivered endpoint security s...
How does Microsoft Defender for Endpoint compare with Crowdstrike Falcon?
The CrowdStrike solution delivers a lot of information about incidents. It has a very light sensor that will never push your machine hardware to "test", you don't have the usual "scan now" feature ...
 

Also Known As

Tivoli Endpoint Manager
Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, MS Defender for Endpoint, Microsoft Defender Antivirus
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

US Foods, Penn State, St Vincent's Health US Foods, Sabadell Bank, SunTrust, Australia Sydney, Stemac, Capgemini, WNS Global Services, Jebsen & Jessen, CenterBeam, Strauss, Christian Hospital Centre, Brit Insurance, Career Education Corporation
Petrofrac, Metro CSG, Christus Health
Find out what your peers are saying about BigFix vs. Microsoft Defender for Endpoint and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.