BigFix vs Qualys Patch Management comparison

HCLSoftware and Qualys are both solutions in the Patch Management category. HCLSoftware is ranked #2 with an average rating of 9.3, while Qualys is ranked #4 with an average rating of 8.9. HCLSoftware holds a 10.1% mindshare in PM, compared to Qualys’s 4.4% mindshare. Additionally, 97% of HCLSoftware users are willing to recommend the solution, compared to 97% of Qualys users who would recommend it.

BigFix

Read 97 BigFix reviews

3,517 Views
2,042 Comparison Views

97% willing to recommend

Qualys Patch Management

Read 34 Qualys Patch Management reviews

897 Views
406 Comparison Views

97% willing to recommend

BigFix

Qualys Patch Management

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 16, 2024

BigFix and Qualys Patch Management compete in the patch management domain. BigFix is noted for its comprehensive endpoint management, while Qualys stands out for its integration with security tools.

Features: BigFix offers extensive automation, strong endpoint management, and versatile configurations. Qualys integrates seamlessly with security and compliance tools, provides robust security measures, and ensures efficient patching.

Room for Improvement: BigFix can enhance its reporting capabilities, simplify complex configurations, and improve usability. Qualys needs better scalability, faster patch deployment, and increased performance.

Ease of Deployment and Customer Service: BigFix is powerful but complex in deployment with responsive, though occasionally slow, customer service. Qualys offers smoother, less complex deployment and quick, efficient customer service.

Pricing and ROI: BigFix may have a costly initial setup, but its features justify the long-term ROI. Qualys has more competitive pricing with quicker ROI, aided by efficient patching.

To learn more, read our detailed BigFix vs. Qualys Patch Management Report (Updated: April 2025).

Buyer's Guide

BigFix vs. Qualys Patch Management

April 2025

Download the complete report

Helped 851,491 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

BigFix

Ranking in Patch Management

2nd

Average Rating

8.6

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Configuration Management (6th), Endpoint Protection Platform (EPP) (22nd), Unified Endpoint Management (UEM) (4th)

Qualys Patch Management

Ranking in Patch Management

4th

Average Rating

9.0

Reviews Sentiment

7.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of May 2025, in the Patch Management category, the mindshare of BigFix is 10.1%, down from 12.4% compared to the previous year. The mindshare of Qualys Patch Management is 4.4%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Patch Management

Featured Reviews

Bella Yakoby

CEO at Novilis

Offers third-party patching feature, good scalability, and enhance endpoint management capabilities

From the perspective of the team that's handling the environment, it's not so user-friendly compared to other solutions, the competitors. We hire new teams from time to time, and they are complaining, look, although BigFix is very robust and cross-platform, it's not so fun to work with. The user interface for the technical teams is not so advanced. It's not so intuitive compared to SCCM, compared to ManageEngine. And this is the fact that they have, with the teams, because they have the rejection. The look and feel of the system are old-fashioned. For new employees, it's less easy to find someone I don't need to educate on how to work with BigFix. Although it's easy, it's not as intuitive as the other solutions, and the functionality of the other solutions is less advanced. Let's summarize: The user interface has to be changed from the perspective of the teams that are managing the product. It's old school.

Read full review

Revathi VeeraRaghavan

Information Security - Manager at Infosys

Provides a centralized platform for managing assets and vulnerabilities, enabling assessment, prioritization, and remediation

Qualys Patch Management system requires several improvements. Firstly, the inability to download asset patches and the lack of third-party application integration limit patch accessibility. Additionally, rollback options are unreliable, and pre-deployment patch testing is crucial. Reporting needs enhancement, particularly with group-based compliance percentages and clearer, VMDR-like reporting in the Patch Management module. Furthermore, detection speed should be improved, as patches are released 24 hours after QIDs are published. The user interface could be more functional, with dashboards for patch compliance visualization and simplified error code language. Finally, the Mac patch catalogue needs expansion, and automated workflows, policy enforcement, and testing procedures should be streamlined for seamless, user-independent operation.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"My company provides support services to a lot of customers and companies. We have reduced a huge amount of man-effort. Along with the man-effort, we have reduced the timeline to fix the compliance and security gaps. We have an unbroken record. The documentation clearly says that we have done the patching of newly released patches, including Microsoft and third-party patches, in up to 80% of the computers, within 72 hours of the release of the production. That was a very massive benefit that we have seen. When I talk about the 80% endpoints, it is 100 or 200. I am talking about 25,000 endpoints."

"Ability to run custom reports and custom relevance."

"It allows us to quickly deploy capabilities that we need, whether it be security or non-security. We use it to keep systems up to date, deploy new drivers, find the information we need in the case of security incidents. The capability allows us to gather a lot of information very quickly and it also allows us to have a centralized reporting feature and a centralized deployment capability which is nice."

"The most valuable feature is patch management, a must have, even for Linux and iOS."

"Patch Management for a variety of operating systems makes it valuable as we can rely on a single tool for obtaining patch compliance of the entire compute infrastructure."

"Software distribution and patch management are the most valuable."

"It allows for visibility into the OT, the industrial environments, that didn't exist before which is a big piece and has benefited my organization. Second, the speed at which people can patch is night and day versus SCCM scan or another similar solution."

"I think BigFix is a very good solution, and I rate it ten out of ten."

More BigFix pros

"Qualys Patch Management excels with its automated patch scheduling and retrieval."

"Qualys Patch Management offers excellent features, most notably the Qualys Gateway Service, which caches patches and distributes them to agents, minimizing bandwidth consumption."

"For a few applications, you do not need to go and download the patches from the network or somewhere else. They have the patches or the latest updates in the directory. You can just select a patch and deploy it to a server. You can create a patch job and select the patch. Everything is within the interface. You do not need to go out of it."

"The features I find most valuable in Qualys Patch Management include the ability to manage registry changes and run scripts both pre and post-patching. We have been able to apply workarounds for zero-day vulnerabilities efficiently."

"The most valuable feature in Patch Management is the Qualys query language for set-it-and-forget-it patching for our preapproved patches, and our preapproved schedules, That is extremely helpful compared to the old days of patching."

"The integration of Qualys Gateway Scanner is my favorite feature."

"Our patch rate was 85 percent before implementing Qualys Patch Management, and now it is 98 percent."

"Qualys Patch Management has reduced our organizational risk by 99.9 percent."

More Qualys Patch Management pros

Cons

"The stability is generally pretty good. The one thing that we came across is the battle between load on endpoints and load on our servers and relays versus how quickly, effectively and reliably actions can be taken. I'd like to not have to take an action on a system while I'm working with someone and then have to say whether something will happen between five seconds or thirty minutes from that point."

"It can be improved speed-wise. They can make it a little bit light. If you do any query for servers in bulk, it can take some time. Similarly, creating a job can take some time."

"We're a partner, so we deliver technical support to customers. When we need to talk to the product support, traditionally, with the product over the last five years, I would not say support has been supportive. I hope that changes."

"I would like to see more integration with external data."

"The BigFix Inventory could have an increased scope regarding the tools that can be detected. It does not cover all the possible software installed in Asset."

"I'd like to see better integration, with the different applications within BigFix. Instead of sometimes feeling like four or five different applications, they need to be integrated a little better within themselves."

"The new EDR (Endpoint Detection and Response) feature, Detect, is new and still needs a few updates."

"BigFix could improve its asset management capabilities to discover assets, including hardware."

More BigFix cons

"Downloading extensive vulnerability reports, especially those with millions of entries, is time-consuming. To improve efficiency, Qualys should implement faster download speeds and offer reports in Excel format in addition to the current CSV option."

"I struggled to see patch availability for some applications in the Qualys console, requiring me to use third-party repositories. If repositories could be integrated within the Qualys module, it would simplify the patching process for me."

"However, it would be good to have more widgets and AI-generated reports. I have not seen anything related to AI with Qualys."

"The patch status and patch completion information should be improved. If a patch fails due to some reason, such as a Windows error, the error code that gets published should be more detailed."

"It would be beneficial to have more efficiently scheduled task deployments that are tailored to specific asset types or deployment needs."

"There is a limitation where Qualys may not always offer solutions for remediation, particularly for end-of-life or end-of-service applications."

"The GUI has areas that need improvement, particularly in the accuracy of results when adding dashboards and running queries."

"The patch status and patch completion information should be improved."

More Qualys Patch Management cons

Pricing and Cost Advice

"The cost is slightly high."

"The price of BigFix could be lower. However, I am always seeking a lower price."

"The price is very fair."

"The price of BigFix is better than the solutions. You are able to pay monthly or annually. There are not any hidden costs with BigFix. There is an additional cost for the SQL database."

"The tool's price continues to go up. The cost per endpoint can vary, ranging from approximately 30 to 80 dollars per year. Compared to other products, pricing is in the middle. You need to buy an additional database license, but most users already have it."

"You get what we call the Platform Edition, which you get for free. The patch service is maybe $0.50 per workstation per month. Then there's the basic server cost, which is about $1.50 per server per month. You also get into Lifecycle which does power management, OSD remote control, and those types of things, and that might be about 10 times the price - which works out to about $13 per server and, maybe $5 per workstation per month."

"The product is less costly when compared to other solutions, and this is a good solid solution for what we have paid."

"So, the pricing is slightly more expensive than the others. I have to keep buying licenses every time I add a new device."

More BigFix pricing and cost advice

"Pricing for Qualys Patch Management is moderate."

"It is affordable, but they should provide features as per the rate they are charging. We have a big infrastructure with about 80,000 licenses. We expect better support from the Qualys team. So, it is affordable, but more features should be there, and the support should be better."

"Its price is competitive in the market. Compared to other solutions like Rapid7, Qualys offers a favorable price point and robust features."

"Pricing is on the higher side. We found it costly compared to other vendors."

"The pricing is reasonable and less expensive than the previous tool."

"From what I have heard, Qualys Patch Management is pricey, which is a main barrier to entry. Another aspect that I do not like about Qualys is that they do not add new patch management functionalities to the existing package. It is a separate SKU, so you have to pay more money."

"The pricing is reasonable and competitive. We get many more features at the same price compared to other solutions such as Microsoft SCCM. It is worth the money considering the services and features it has. Their support team is also awesome."

"I'm unaware of Qualys' exact price, but it's more expensive than Nessus. With technological products, you need to pay to get the best."

More Qualys Patch Management pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Patch Management solutions are best for your needs.

See recommendations

851,491 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

44%

Financial Services Firm

Government

Computer Software Company

17%

Manufacturing Company

12%

Government

11%

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about BigFix?

The most valuable features of the solution are Windows patching and the hardware and software inventory.

See all answers

What is your experience regarding pricing and costs for BigFix?

The pricing is competitive, but not the most competitive.

See all answers

What needs improvement with BigFix?

Implementing a business solution with BigFix has some issues, primarily concerning the time required for distribution to clients if there are too many. Building a management console is quick and si...

See all answers

What is your experience regarding pricing and costs for Qualys Patch Management?

Qualys Patch Management comes as part of a bundled package with several modules, making it a cost-effective deal for us. I cannot speak to the separate cost, as we have always used it as part of th...

See all answers

What needs improvement with Qualys Patch Management?

I deploy patches to endpoints and servers every month. However, despite a job showing as successful, I need to examine the job in detail. For instance, if I have deployed patches to 100 endpoints, ...

See all answers

What is your primary use case for Qualys Patch Management?

I use Qualys Patch Management as a single platform for patch management. We have Microsoft, Adobe, and various other apps. I create a scheduled task to push all the required patches to the laptops ...

See all answers

Comparisons

Microsoft Intune vs BigFix

Compared 12% of the time

Tanium vs BigFix

Compared 9% of the time

Microsoft Configuration Manager vs BigFix

Compared 8% of the time

Red Hat Ansible Automation Platform vs BigFix

Compared 7% of the time

CrowdStrike Falcon vs BigFix

Compared 3% of the time

More BigFix Competitors

Ivanti Security Controls vs Qualys Patch Management

Compared 14% of the time

Microsoft Configuration Manager vs Qualys Patch Management

Compared 14% of the time

Patch My PC vs Qualys Patch Management

Compared 13% of the time

ManageEngine Patch Manager Plus vs Qualys Patch Management

Compared 11% of the time

Microsoft Windows Server Update Services vs Qualys Patch Management

Compared 8% of the time

More Qualys Patch Management Competitors

Product Reports

Buyer's Guide

BigFix

May 2025

Download BigFix product report

Buyer's Guide

Qualys Patch Management

May 2025

Download Qualys Patch Management product report

Also Known As

Tivoli Endpoint Manager

No data available

Overview

HCL BigFix is a powerful patch management tool that enables organizations to simply control their patch management operations. It is designed so that IT security and operations teams can collaborate in the most effective way possible. Users that employ BigFix can find and fix issues with their endpoints faster than those that employ its competitors. It comes with thousands of security checks that can be deployed quickly and easily. These enable users to safeguard themselves from a wide variety of digital threats.

HCL BigFix Benefits

Some of the ways that organizations can benefit by choosing to deploy HCL BigFix include:

Total visibility and simplified control. BigFix provides users with total system visibility while simultaneously enabling administrators to easily manage their networks. It enables organizations to run all of their patch management operations from a single user interface. This UI contains all of BigFix’s system controls. It also contains all of an organization’s network data. Users will never have to search for the features or information that they need as everything is centrally located.

Maximum benefit for reduced overhead. BigFix enables businesses to integrate with more than 100 different operating systems. Users can utilize the operating system of their choice without multiplying their overhead costs. They can keep costs down while still achieving their goals.

Flexibility. BigFix is highly flexible. Users can integrate it with the top vulnerability management solutions on the market. This enables users to maximize their protective coverage and minimize the amount of time that they have to spend resolving issues.

BigFix Features

BigFix Insights. The BigFix insights feature gives users access to a powerful deep analysis tool. This tool enables organizations to gather data from all of their endpoints and compile them into reports that can aid administrators in their work. It can centralize an organization’s data and also enable it to import data from other sources so that it can make more informed decisions.

Task automation. BigFix has the ability to automate rudimentary tasks so that users can focus on tasks that require a greater level of attention. This can include tasks such as event remediation and data collection. This feature enables users to focus their attention on other more critical tasks.

Data loss prevention tool. This tool enables users to prevent critical data from being leaked or leaking accidentally. It creates policies that limit or prevent sensitive data from being transmitted. It also enforces the privacy protocols that are already in place. Organizations can leverage this tool to bolster the security protecting their data from malicious actors.

Web reputation tool. This tool proactively protects networks from malicious websites. It scans for potentially dangerous websites and opens a blocking page when one is detected. Users are also given the ability to set proxy server credentials for the system to recognize and authenticate. Users can use this to ensure that suspicious websites are unable to infect their networks.

Centralized UI. BigFix comes with a built-in UI that centralizes all of the solution’s features so that they can be accessed from a single location. It enables administrators to target specific portions of the network when issues arise without requiring them to take actions that will affect the entire network.

Reviews from Real Users

HCL BigFix is a highly effective solution that stands out when compared to most of its competitors. Two major advantages it offers are its auto-patching capability and its user-friendly tools.

Santhosh K., the chief executive officer of Catnip Infotech Private Limited, writes, “The second valuable feature is, BigFix also has an auto patch updating feature, where the latest patches, and what is required for my system are automatically downloaded and kept ready for me. The solution applies the patch and notifies me after applying the patch. BigFix also gives me a ping saying that I should reset my system within a certain period of time, while the patch is being applied. Let's say, the patch is being applied and if there's an issue, the solution can revoke the applied patch, and revert back to the old state.”

Benedikt S., an application administrator, says, “It's very straightforward. The usability is very close to everyday technical tools that you use as a systems administrator. So it's quite user-friendly.”

HCLSoftware

Qualys Patch Management optimizes patching and vulnerability remediation through automation and intelligence insights, accelerating the process by 43% and improving patch rates by 90%. Its integration with CMDB and ITSM tools speeds up ticket closures by 60%, effectively reducing the attack surface while freeing IT and security resources. This cloud-based solution bridges the IT-security gap, making it essential for cybersecurity.

Qualys

Sample Customers

US Foods, Penn State, St Vincent's Health US Foods, Sabadell Bank, SunTrust, Australia Sydney, Stemac, Capgemini, WNS Global Services, Jebsen & Jessen, CenterBeam, Strauss, Christian Hospital Centre, Brit Insurance, Career Education Corporation

Information Not Available

Buyer's Guide

BigFix vs. Qualys Patch Management

April 2025

Free Report: BigFix vs. Qualys Patch Management

Find out what your peers are saying about BigFix vs. Qualys Patch Management and other solutions. Updated: April 2025.

DOWNLOAD NOW

851,491 professionals have used our research since 2012.

See our BigFix vs. Qualys Patch Management report.

See our list of best Patch Management vendors.

We monitor all Patch Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.