BigFix vs ThreatLocker Zero Trust Endpoint Protection Platform comparison

HCLSoftware and ThreatLocker are both solutions in the Endpoint Protection Platform (EPP) category. HCLSoftware is ranked #22 with an average rating of 9.3, while ThreatLocker is ranked #6 with an average rating of 9.2. HCLSoftware holds a 1.1% mindshare in EPP, compared to ThreatLocker’s 0.7% mindshare. Additionally, 97% of HCLSoftware users are willing to recommend the solution, compared to 97% of ThreatLocker users who would recommend it.

BigFix

Read 97 BigFix reviews

2,968 Views
1,756 Comparison Views

97% willing to recommend

ThreatLocker Zero Trust End...

Read 39 ThreatLocker Zero Trust Endpoint Protection Platform reviews

2,269 Views
1,503 Comparison Views

97% willing to recommend

BigFix

ThreatLocker Zero Trust End...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 23, 2025

BigFix and ThreatLocker compete in the endpoint management and security space. Based on the comparisons, ThreatLocker seems to have the upper hand due to its powerful zero trust approach and superior user feedback, especially regarding integration and customer support.

Features: BigFix provides robust endpoint management with multi-platform support, patch management, and comprehensive visibility into IT environments. It is scalable and integrates well with other systems, helping maintain compliance with various regulations. ThreatLocker offers a Zero Trust approach with application control, ring-fencing, and storage control. It provides detailed user activity visibility, minimizes unauthorized actions, and integrates effectively with existing security frameworks.

Room for Improvement: BigFix users desire a better web UI and enhanced reporting capabilities. They also seek better integration with third-party tools, improved documentation, and cloud-based solutions for flexibility. ThreatLocker users suggest enhancements in the user interface and workflow, especially for bulk actions and managing multiple policies. They also wish for improved training opportunities and reporting features.

Ease of Deployment and Customer Service: BigFix is commonly used on-premises, praised for strong technical support and community help, though experiences can vary. ThreatLocker provides versatile cloud deployment options, including hybrid and private clouds, and is acknowledged for commendable technical support, noted for quick and helpful responses, along with effective training through its university resources.

Pricing and ROI: BigFix's pricing may be high, particularly with additional functionality, but it offers a significant ROI through automation and reduced resource requirements, providing cost-effectiveness with long-term savings. ThreatLocker is viewed as reasonably priced compared to its comprehensive security offerings. It is favored for cost-effectiveness in the cybersecurity market, providing strong ROI through security tool consolidation and reducing management overhead, though some contract adjustment challenges are noted.

To learn more, read our detailed BigFix vs. ThreatLocker Zero Trust Endpoint Protection Platform Report (Updated: April 2025).

Buyer's Guide

BigFix vs. ThreatLocker Zero Trust Endpoint Protection Platform

April 2025

Download the complete report

Helped 851,491 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

BigFix

Ranking in Endpoint Protection Platform (EPP)

22nd

Average Rating

8.6

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Configuration Management (6th), Patch Management (2nd), Unified Endpoint Management (UEM) (4th)

ThreatLocker Zero Trust End...

Ranking in Endpoint Protection Platform (EPP)

6th

Average Rating

9.2

Reviews Sentiment

7.6

Number of Reviews

Ranking in other categories

Network Access Control (NAC) (4th), Advanced Threat Protection (ATP) (6th), Application Control (1st), ZTNA (3rd), Ransomware Protection (4th)

Mindshare comparison

As of May 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of BigFix is 1.1%, up from 0.8% compared to the previous year. The mindshare of ThreatLocker Zero Trust Endpoint Protection Platform is 0.7%, down from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP)

Featured Reviews

Bella Yakoby

CEO at Novilis

Offers third-party patching feature, good scalability, and enhance endpoint management capabilities

From the perspective of the team that's handling the environment, it's not so user-friendly compared to other solutions, the competitors. We hire new teams from time to time, and they are complaining, look, although BigFix is very robust and cross-platform, it's not so fun to work with. The user interface for the technical teams is not so advanced. It's not so intuitive compared to SCCM, compared to ManageEngine. And this is the fact that they have, with the teams, because they have the rejection. The look and feel of the system are old-fashioned. For new employees, it's less easy to find someone I don't need to educate on how to work with BigFix. Although it's easy, it's not as intuitive as the other solutions, and the functionality of the other solutions is less advanced. Let's summarize: The user interface has to be changed from the perspective of the teams that are managing the product. It's old school.

Read full review

Johnathan Bodily

Technical Engineer at Cloud 1 Solutions

Ensures ransomware protection and reduces phishing chaos

The application control has been great so far, and while I am still exploring the network access controls, I unfortunately don't have access to one module I would love to have due to licensing restrictions. It's easy to use in regard to reducing attack surfaces. For me, it's a piece of cake. We can have something approved within 30 seconds, thanks to the mobile app. We haven't eliminated security solutions. We just add to it, and ThreatLocker has been a great addition. We also have Kaseya and ThreatLocker as a supplement to that. It's useful. They have overlap, and we look at the overlap as a good thing. It's helped your organization save on operational costs or expenses by ensuring that many fewer hours are spent dealing with ransomware nonsense. I cannot count the amount of hours that I personally have not had to put in to recovering an environment from a ransomware event. The last big one took us about three weeks to completely recover from. Since we've grouped ThreatLocker in, the management of that whole setup has gone down to just daily help desk tasks and general server maintenance instead of having the whole system on fire. There are probably thousands of hours of saved time between our teams. It's been great so far. ThreatLocker Zero Trust Endpoint Protection Platform's ability to block access to unauthorized applications is great. It's my biggest protection, the blocked applications. In a lot of cases, you go to install something yourself that you need for management, and it comes in and says, nope. And then I have to log into the portal and approve it. I get our other guys saying, hey, why are you trying to approve something? Any of the tools that I'm using on a day-to-day basis that haven't been in the environment during the whole learning mode initially, I could go through and set extensions and all that. So, while it's a headache on that end, the amount of saved time I can't even count. It is a little frustrating on my end since I like to go as quickly as I possibly can, and it slows me down. However, that's a really good thing. Depending on the site, it can save a lot of time and cut down headaches. It's likely saved a week's worth of time. It's cut down the amount of sever help desk tickets. Those have become minimal.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable features are patch management, software installation, and asset management."

"BigFix has drastically reduced the maintenance window period to patch and reboot servers."

"We receive the patches automatically, and BigFix spreads them automatically to our endpoints."

"BigFix can manage lost devices, so you can wipe them remotely to ensure the IP doesn't get out in public. Unified endpoint security is a new perspective. I know that HCL is also collaborating with IBM, but I'm not sure if there is any cooperation between them and MaaS360 or other endpoint components."

"The best feature of BigFix is its multi-platform support."

"I like the inventory and life cycle management feature."

"The older version of the tools that I use also included the connectivity aspect, and the fact that the tool now has it separate from the collection of usage data makes the deployment of these tools much easier."

"Having higher visibility on patching level, on patching successful, and non-successful has been a way that BigFix has improved my organization. Also, the ability to customize the content to do what we need it to do is very powerful and very flexible for us. Finally, in the area of custom interfaces like REST API really gives us the ability to provide for our external customers."

More BigFix pros

"Feature-wise, the learning mode and the fact that it's blocking everything are the most valuable. I don't see why more companies don't use the type of product."

"The biggest one that we focus on is the application control with ringfencing. That combination is very beneficial."

"The deployment is very easy."

"ThreatLocker has significantly improved numerous techniques that mitigate vulnerabilities and viruses initiated on the back end of a network."

"Overall, everything is excellent, and everything is well-prepared, from the laptops provided to the overall setup."

"Customer service is good. The Cyber Hero program ensures there is always someone available to help."

"We are seeing a return on investment, especially with our managers and customers."

"Unified Audit is excellent for identifying our denies and using those to dynamically create rules, as opposed to manually observing the logs and creating them. It saves so much time."

More ThreatLocker Zero Trust Endpoint Protection Platform pros

Cons

"Around the scalability concern, I would like to see the ability to run teamed, clustered, or hierarchical root servers, in order to provide a more robust, high availability system. The single monolithic root server model does somewhat bother me."

"The new EDR (Endpoint Detection and Response) feature, Detect, is new and still needs a few updates."

"The tool should be more friendly in terms of Web UI and should be having better vulnerability scanning mechanisms so a third-party application is not required to fulfill that aspect."

"The reporting structure could be a little more simplistic. Currently, it throws too many vulnerabilities. Some of them are not needed because they are only informational and limitations, and they are not of much help. It doesn't need to show us these things."

"Sometimes there is a lag time for our users."

"The solution needs to improve console speed. I would like to see one console that does everything. It doesn't need to have a big client console."

"While performing integration, we face many issues with IBM solution. We need detailed information about those issues that can help users to mitigate them."

"The main shortcoming of BigFix was integration with vulnerability management. If you had a vulnerability in your software and BigFix on the endpoint, you needed integration with Qualys, Tenable, or another vulnerability management solution to fix that. It was like, "Okay, we can identify issues, and get that information back from the endpoint, but what are we doing about it?""

More BigFix cons

"It would be beneficial to have a tighter integration into PSA systems so that approvals can be done directly without having to leave the PSA."

"The reporting could be improved."

"Scalability is challenging, not due to the platform. Scaling ThreatLocker Zero Trust Endpoint Protection Platform usage requires dedicated resources for maintenance."

"It has not reduced helpdesk tickets. It has probably increased them by blocking applications and doing its job, resulting in people raising more tickets to know why they cannot use certain things."

"If you have a thousand computers with ThreatLocker agents on them, when you approve or create a new policy saying that Adobe Reader that matches this hashtag and meets certain criteria is allowed to be installed, it applies at the top level or the organization level. It applies to every computer in the company. When you make that new policy and push it out and it goes out and updates all of the clients. Unfortunately, at this time, it does not look like they stagger the push-out."

"We also have customers who are frustrated because they cannot do what they used to do, which was run anything they wanted to."

"ThreatLocker University offers many good training modules, but more in-depth training for advanced platforms would be beneficial."

"From a reporting perspective, enhancing the ability to customize reports would be beneficial."

More ThreatLocker Zero Trust Endpoint Protection Platform cons

Pricing and Cost Advice

"The price of the solution is high. There are not any additional fees from the standard license."

"The cost is slightly high."

"The price of BigFix is better than the solutions. You are able to pay monthly or annually. There are not any hidden costs with BigFix. There is an additional cost for the SQL database."

"The product is less costly when compared to other solutions, and this is a good solid solution for what we have paid."

"I can estimate the reduced cost of servers maintenance to approximatively $500,000."

"Compliance, inventory, and licensing are really pricey. They should lower the price. It discourages users from getting onboard."

"You get what we call the Platform Edition, which you get for free. The patch service is maybe $0.50 per workstation per month. Then there's the basic server cost, which is about $1.50 per server per month. You also get into Lifecycle which does power management, OSD remote control, and those types of things, and that might be about 10 times the price - which works out to about $13 per server and, maybe $5 per workstation per month."

"We have a subscription-based contract with BigFix."

More BigFix pricing and cost advice

"I can't complain. Cheaper would always be nice, but I think it's reasonable compared to other software in the cybersecurity market."

"I do not know about the licensing and price as it comes bundled from our MSP. However, it seems fairly reasonable for us, which is why we chose it."

"Although the pricing seems good, there have been inconsistencies in contract negotiations."

"The pricing is reasonable and normal. I do not have any problems with the cost."

"The price is very reasonable, and we have been able to integrate ThreatLocker with all of our clients."

"The pricing works fine for me. It's very reasonably priced."

"The pricing is pretty fair, considering other solutions. Licensing-wise, it did not take long."

"We have encountered a few challenges regarding pricing, contract renewals, and additions. As we explored adding features like Cyber Hero, it proved to be an increased expense for our clients. This was primarily a mistake on our part due to how we initially priced it to clients."

More ThreatLocker Zero Trust Endpoint Protection Platform pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.

See recommendations

851,491 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

44%

Financial Services Firm

Government

Computer Software Company

37%

Retailer

Financial Services Firm

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about BigFix?

The most valuable features of the solution are Windows patching and the hardware and software inventory.

See all answers

What is your experience regarding pricing and costs for BigFix?

The pricing is competitive, but not the most competitive.

See all answers

What needs improvement with BigFix?

Implementing a business solution with BigFix has some issues, primarily concerning the time required for distribution to clients if there are too many. Building a management console is quick and si...

See all answers

What do you like most about ThreatLocker Allowlisting?

The interface is clean and well-organized, making it simple to navigate and find what we need.

See all answers

What is your experience regarding pricing and costs for ThreatLocker Allowlisting?

Pricing, setup costs, and licensing have been pretty accessible and manageable. It was not too expensive to get started, especially at a small scale for a smaller MSP. It is very accessible, easy t...

See all answers

What needs improvement with ThreatLocker Allowlisting?

For the space that it's in, it's already there. I don't know of another product that compares to its level. Even recently, with the addition of the detect module is a very nice add-on to the packet...

See all answers

Comparisons

Microsoft Intune vs BigFix

Compared 12% of the time

Tanium vs BigFix

Compared 9% of the time

Microsoft Configuration Manager vs BigFix

Compared 8% of the time

Red Hat Ansible Automation Platform vs BigFix

Compared 7% of the time

Red Hat Satellite vs BigFix

Compared 5% of the time

More BigFix Competitors

SentinelOne Singularity Complete vs ThreatLocker Zero Trust Endpoint Protection Platform

Compared 21% of the time

CrowdStrike Falcon vs ThreatLocker Zero Trust Endpoint Protection Platform

Compared 18% of the time

Microsoft Defender for Endpoint vs ThreatLocker Zero Trust Endpoint Protection Platform

Compared 17% of the time

Ivanti Application Control vs ThreatLocker Zero Trust Endpoint Protection Platform

Compared 6% of the time

GravityZone Business Security vs ThreatLocker Zero Trust Endpoint Protection Platform

Compared 2% of the time

More ThreatLocker Zero Trust Endpoint Protection Platform Competitors

Product Reports

Buyer's Guide

BigFix

May 2025

Download BigFix product report

Buyer's Guide

ThreatLocker Zero Trust Endpoint Protection Platform

April 2025

ThreatLocker Zero Trust Endpoint Protection Platform report

Download ThreatLocker Zero Trust Endpoint Protection Platform product report

Also Known As

Tivoli Endpoint Manager

Protect, Allowlisting, Network Control, Ringfencing

Overview

HCL BigFix is a powerful patch management tool that enables organizations to simply control their patch management operations. It is designed so that IT security and operations teams can collaborate in the most effective way possible. Users that employ BigFix can find and fix issues with their endpoints faster than those that employ its competitors. It comes with thousands of security checks that can be deployed quickly and easily. These enable users to safeguard themselves from a wide variety of digital threats.

HCL BigFix Benefits

Some of the ways that organizations can benefit by choosing to deploy HCL BigFix include:

Total visibility and simplified control. BigFix provides users with total system visibility while simultaneously enabling administrators to easily manage their networks. It enables organizations to run all of their patch management operations from a single user interface. This UI contains all of BigFix’s system controls. It also contains all of an organization’s network data. Users will never have to search for the features or information that they need as everything is centrally located.

Maximum benefit for reduced overhead. BigFix enables businesses to integrate with more than 100 different operating systems. Users can utilize the operating system of their choice without multiplying their overhead costs. They can keep costs down while still achieving their goals.

Flexibility. BigFix is highly flexible. Users can integrate it with the top vulnerability management solutions on the market. This enables users to maximize their protective coverage and minimize the amount of time that they have to spend resolving issues.

BigFix Features

BigFix Insights. The BigFix insights feature gives users access to a powerful deep analysis tool. This tool enables organizations to gather data from all of their endpoints and compile them into reports that can aid administrators in their work. It can centralize an organization’s data and also enable it to import data from other sources so that it can make more informed decisions.

Task automation. BigFix has the ability to automate rudimentary tasks so that users can focus on tasks that require a greater level of attention. This can include tasks such as event remediation and data collection. This feature enables users to focus their attention on other more critical tasks.

Data loss prevention tool. This tool enables users to prevent critical data from being leaked or leaking accidentally. It creates policies that limit or prevent sensitive data from being transmitted. It also enforces the privacy protocols that are already in place. Organizations can leverage this tool to bolster the security protecting their data from malicious actors.

Web reputation tool. This tool proactively protects networks from malicious websites. It scans for potentially dangerous websites and opens a blocking page when one is detected. Users are also given the ability to set proxy server credentials for the system to recognize and authenticate. Users can use this to ensure that suspicious websites are unable to infect their networks.

Centralized UI. BigFix comes with a built-in UI that centralizes all of the solution’s features so that they can be accessed from a single location. It enables administrators to target specific portions of the network when issues arise without requiring them to take actions that will affect the entire network.

Reviews from Real Users

HCL BigFix is a highly effective solution that stands out when compared to most of its competitors. Two major advantages it offers are its auto-patching capability and its user-friendly tools.

Santhosh K., the chief executive officer of Catnip Infotech Private Limited, writes, “The second valuable feature is, BigFix also has an auto patch updating feature, where the latest patches, and what is required for my system are automatically downloaded and kept ready for me. The solution applies the patch and notifies me after applying the patch. BigFix also gives me a ping saying that I should reset my system within a certain period of time, while the patch is being applied. Let's say, the patch is being applied and if there's an issue, the solution can revoke the applied patch, and revert back to the old state.”

Benedikt S., an application administrator, says, “It's very straightforward. The usability is very close to everyday technical tools that you use as a systems administrator. So it's quite user-friendly.”

HCLSoftware

ThreatLocker Zero Trust Endpoint Protection Platform offers robust endpoint security through application control and allowlisting, safeguarding servers and workstations from unauthorized software execution.

ThreatLocker Zero Trust Endpoint Protection Platform provides extensive application control with features like ring-fencing and selective elevation, ensuring meticulous execution management. Offering learning mode and extensive support, it integrates threat detection and activity monitoring to enhance compliance, reduce costs, and bolster cybersecurity through alerts and approvals. Despite its strengths, there are areas for improvement in training flexibility, policy updates, and interface enhancements, along with challenges in handling non-digitally signed software. Deployed across environments, it works well with existing cybersecurity instruments for real-time threat prevention.

What are the top features of ThreatLocker?

Intuitive Interface: User-friendly design simplifies endpoint protection management.
Application Blocking: Prevents unauthorized applications from running.
Selective Elevation: Grants control over application permissions.
Ring-Fencing: Isolates applications to limit interactions.
Allowlisting: Ensures only trusted software can execute.
Learning Mode: Facilitates configuration by observing user behavior.
Real-Time Support: Access to assistance and training resources.

What benefits should reviewers seek?

Compliance: Meets regulatory standards.
Operational Cost Reduction: Consolidated alerts and approvals.
Enhanced Cybersecurity: Prevention of unauthorized applications.
Regulatory Alignment: Helps ensure adherence to legal requirements.

ThreatLocker Zero Trust Endpoint Protection Platform is widely implemented to safeguard IT infrastructures against unauthorized access and application use. In sectors where data security is paramount, this platform enables users to prevent unauthorized software installations and control device applications, ensuring real-time threat prevention and compliance with industry regulations.

ThreatLocker

Sample Customers

US Foods, Penn State, St Vincent's Health US Foods, Sabadell Bank, SunTrust, Australia Sydney, Stemac, Capgemini, WNS Global Services, Jebsen & Jessen, CenterBeam, Strauss, Christian Hospital Centre, Brit Insurance, Career Education Corporation

Information Not Available

Buyer's Guide

BigFix vs. ThreatLocker Zero Trust Endpoint Protection Platform

April 2025

Free Report: BigFix vs. ThreatLocker Zero Trust Endpoint Protection Platform

Find out what your peers are saying about BigFix vs. ThreatLocker Zero Trust Endpoint Protection Platform and other solutions. Updated: April 2025.

DOWNLOAD NOW

851,491 professionals have used our research since 2012.

See our BigFix vs. ThreatLocker Zero Trust Endpoint Protection Platform report.

See our list of best Endpoint Protection Platform (EPP) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.