One of the most popular comparisons on IT Central Station is BigFix vs Carbon Black Cb Defense.
People like you are trying to decide which one is best for their company. Can you help them out?
What is the biggest difference between BigFix and Carbon Black Cb Defense? Which of these two solutions would you recommend to a colleague evaluating endpoint protection software and why?
Thanks for helping your peers make the best decision!
BigFix and Carbon Black are really two different products from a functionality standpoint and are not really competing products.
Carbon Black Defense is essentially an anti-malware (with more smarts and they refer to it as Next-gen AV)
BigFix does not provide anti-malware functionality. BigFix has multiple components that you would use to protect your environment
BigFix Patch: As the name suggests, this is used for patching your servers and workstations and supports just about any OS (AIX, Redhat, Ubuntu, Windows, Solaris, Oracle Linux and more). This allows you to report and deploy patches in your environment and be able to provide near realtime reporting for the current patch status.
BigFix Compliance: This component is used to provide vulnerability assessments and remediation of your environment. Supports PCI, DISA, CIS and a few more.
BigFix also integrates with IBM QRadar to provide a more comprehensive security overview. Cb can also report to QRadar, but there is no native app for it, but this is currently being developed.
So in the end, I cannot recommend one over the other as they are both important.
These are complementary solutions.
Cb Defense is a combination of next-gen AV and EDR capabilities.
BigFix is used to identify assets, distribute software, Patch OS� and applications, provision systems, keep systems continuously compliant and much more.
Many enterprises use BigFix to find which endpoints need Cb, distribute Cb agents, keep them updated and fix what Cb finds either by quarantining the endpoint, patching it, distributing a new application or wiping and reimaging it.