Try our new research platform with insights from 80,000+ expert users

BigFix vs Qualys Patch Management comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

BigFix
Ranking in Patch Management
2nd
Average Rating
8.6
Reviews Sentiment
7.4
Number of Reviews
96
Ranking in other categories
Configuration Management (6th), Endpoint Protection Platform (EPP) (22nd), Unified Endpoint Management (UEM) (4th)
Qualys Patch Management
Ranking in Patch Management
4th
Average Rating
8.8
Reviews Sentiment
7.5
Number of Reviews
32
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Patch Management category, the mindshare of BigFix is 10.4%, down from 12.1% compared to the previous year. The mindshare of Qualys Patch Management is 4.1%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Patch Management
 

Featured Reviews

Bella Yakoby - PeerSpot reviewer
Offers third-party patching feature, good scalability, and enhance endpoint management capabilities
From the perspective of the team that's handling the environment, it's not so user-friendly compared to other solutions, the competitors. We hire new teams from time to time, and they are complaining, look, although BigFix is very robust and cross-platform, it's not so fun to work with. The user interface for the technical teams is not so advanced. It's not so intuitive compared to SCCM, compared to ManageEngine. And this is the fact that they have, with the teams, because they have the rejection. The look and feel of the system are old-fashioned. For new employees, it's less easy to find someone I don't need to educate on how to work with BigFix. Although it's easy, it's not as intuitive as the other solutions, and the functionality of the other solutions is less advanced. Let's summarize: The user interface has to be changed from the perspective of the teams that are managing the product. It's old school.
Revathi VeeraRaghavan - PeerSpot reviewer
Provides a centralized platform for managing assets and vulnerabilities, enabling assessment, prioritization, and remediation
Qualys Patch Management system requires several improvements. Firstly, the inability to download asset patches and the lack of third-party application integration limit patch accessibility. Additionally, rollback options are unreliable, and pre-deployment patch testing is crucial. Reporting needs enhancement, particularly with group-based compliance percentages and clearer, VMDR-like reporting in the Patch Management module. Furthermore, detection speed should be improved, as patches are released 24 hours after QIDs are published. The user interface could be more functional, with dashboards for patch compliance visualization and simplified error code language. Finally, the Mac patch catalogue needs expansion, and automated workflows, policy enforcement, and testing procedures should be streamlined for seamless, user-independent operation.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It allows us to quickly deploy capabilities that we need, whether it be security or non-security. We use it to keep systems up to date, deploy new drivers, find the information we need in the case of security incidents. The capability allows us to gather a lot of information very quickly and it also allows us to have a centralized reporting feature and a centralized deployment capability which is nice."
"The most valuable feature is patch management, a must have, even for Linux and iOS."
"BigFix has drastically reduced the maintenance window period to patch and reboot servers."
"The patch management and the BigFix Inventory have been the most valuable features."
"It has improved my organization because we can automate a lot of tasks. We went from manually patching machines or doing our best and having very little visibility into it to us being able to set it and forget it and getting really good results on first-pass patching."
"The architecture for patching and the 100% correct reporting makes BigFix stand apart from other solutions."
"It is a one-stop tool that allows you to do everything. It supports reporting, vulnerability management, patch management, and configuration. All things can be done in one tool."
"BigFix is incredibly fast and accurate in patching, reporting, and remediation."
"The integration of Qualys Gateway Scanner is my favorite feature."
"The most valuable feature of Qualys Patch Management is the support and service provided by Qualys."
"Our patch rate was 85 percent before implementing Qualys Patch Management, and now it is 98 percent."
"Qualys Patch Management has saved significant resources."
"Qualys Patch Management offers valuable features like scheduling and on-demand patching, allowing us to conveniently push patches to our servers at designated times."
"The first thing I would say is the ease of use."
"Qualys Patch Management leverages vulnerability feeds from the VMDR module, allowing us to identify vulnerabilities missing Qualys patches."
"Qualys Patch Management is an effective tool for vulnerability remediation."
 

Cons

"Sometimes the workstations communicate back to the BigFix server two or three days in a week or something similar. Sometimes there can be a delay reporting back to the server for a variety of reasons, such as users turning their computer off when they go home. When the user comes back and turns the computer back on BigFix needs to synchronize and sometimes it can take some time, approximately one week. The communication between the agent and the server should be faster, there is room for improvement in this area."
"The product should become cloud-based. Also, the peer nesting ability of the product is a little backward."
"The deployment has room for improvement and can be more streamlined."
"The console interface is not friendly, and requires training before using it in production."
"The new EDR (Endpoint Detection and Response) feature, Detect, is new and still needs a few updates."
"I would eventually like to see a SaaS offering, a cloud-hosted BigFix instance where we only have to put a relay in our environment."
"BigFix can improve the way machines report back to the console. In the external relay management environment, it has become more of a hybrid environment with most of the machines not being on-site. The need of having public-facing reporting items interconnected is becoming more and more crucial. In general, the reporting could use some enhancement."
"There is no support for patch management on SLES on IBM pSeries (only the Intel platform is supported)."
"Downloading extensive vulnerability reports, especially those with millions of entries, is time-consuming."
"There is room for improvement in terms of adding more patches."
"The availability of Qualys Patch Management needs to be improved."
"There is room for improvement in the detection logic. It sometimes detects open vulnerabilities that are not truly there, such as orphan files that are not really exploitable. It would be helpful if they were classified as information-only rather than Sev 4 or Sev 5."
"Qualys could improve its capacity to fix vulnerabilities on VMware and other virtualized environments. The reporting could also be enhanced to make it more user-friendly. It's difficult for beginners to learn."
"Some patches require OEM consent or must be released by OEM. For example, if an outdated version of a tool like Falcon is detected, Qualys flags it as a vulnerability, but cannot automate the patch update."
"Not all patches are supported, so there are some restrictions. Some remediations require script-level changes which Qualys does not support."
"It would be beneficial to have more efficiently scheduled task deployments that are tailored to specific asset types or deployment needs."
 

Pricing and Cost Advice

"It might be about $23 a client."
"Its price is very reasonable."
"Compliance, inventory, and licensing are really pricey. They should lower the price. It discourages users from getting onboard."
"You get what we call the Platform Edition, which you get for free. The patch service is maybe $0.50 per workstation per month. Then there's the basic server cost, which is about $1.50 per server per month. You also get into Lifecycle which does power management, OSD remote control, and those types of things, and that might be about 10 times the price - which works out to about $13 per server and, maybe $5 per workstation per month."
"On a scale from one to ten, where one is expensive and ten is cheap, I rate the solution's pricing one out of ten."
"The cost is slightly high."
"It is too costly. It is one of the best tools, but because of pricing, not all clients support it. Its licensing is on a yearly basis."
"The tool's price continues to go up. The cost per endpoint can vary, ranging from approximately 30 to 80 dollars per year. Compared to other products, pricing is in the middle. You need to buy an additional database license, but most users already have it."
"Qualys Patch Management's pricing is competitive."
"From what I have heard, Qualys Patch Management is pricey, which is a main barrier to entry. Another aspect that I do not like about Qualys is that they do not add new patch management functionalities to the existing package. It is a separate SKU, so you have to pay more money."
"The licensing cost is more than 2,000 for the whole Americas region"
"Qualys Patch Management comes as part of a bundled package with several modules, making it a cost-effective deal for us."
"Compared to other tools, the price of Qualys Patch Management is reasonable."
"Qualys Patch Management's pricing could be more competitive, as it presents a significant obstacle for many companies who find it unaffordable."
"Qualys Patch Management is expensive."
"I'm unaware of Qualys' exact price, but it's more expensive than Nessus. With technological products, you need to pay to get the best."
report
Use our free recommendation engine to learn which Patch Management solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
52%
Financial Services Firm
7%
Government
6%
Computer Software Company
5%
Computer Software Company
17%
Manufacturing Company
11%
Government
10%
Real Estate/Law Firm
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about BigFix?
The most valuable features of the solution are Windows patching and the hardware and software inventory.
What is your experience regarding pricing and costs for BigFix?
The pricing is competitive, but not the most competitive.
What needs improvement with BigFix?
Implementing a business solution with BigFix has some issues, primarily concerning the time required for distribution to clients if there are too many. Building a management console is quick and si...
What is your experience regarding pricing and costs for Qualys Patch Management?
Qualys Patch Management comes as part of a bundled package with several modules, making it a cost-effective deal for us. I cannot speak to the separate cost, as we have always used it as part of th...
What needs improvement with Qualys Patch Management?
There is room for improvement in the inclusion of more patches. That's the only improvement I would suggest. Not all patches are available on Qualys, so they need to get licenses for other patches ...
What is your primary use case for Qualys Patch Management?
Mostly, I've used it because I'm working in the Vulnerability Management Team. I've done the POC for Patch Management and then handed over the product to the Patch Management Team, which handles th...
 

Also Known As

Tivoli Endpoint Manager
No data available
 

Overview

 

Sample Customers

US Foods, Penn State, St Vincent's Health US Foods, Sabadell Bank, SunTrust, Australia Sydney, Stemac, Capgemini, WNS Global Services, Jebsen & Jessen, CenterBeam, Strauss, Christian Hospital Centre, Brit Insurance, Career Education Corporation
Information Not Available
Find out what your peers are saying about BigFix vs. Qualys Patch Management and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.