Home
Managing security threats
Learn how to use BigFix Inventory to manage security threats in your environment. You can view whether any of the installed components is prone to any Common Vulnerability and Exposure (CVE).
Collecting file checksums
Available from 9.2.3. Checksums are long strings that describe the content of files and act as their fingerprints. You can enable the calculation of checksums for files on your computers to check their integrity and to ensure that they were not altered or tampered with.

Managing security threats
Learn how to use BigFix Inventory to manage security threats in your environment. You can view whether any of the installed components is prone to any Common Vulnerability and Exposure (CVE).
- Collecting file checksums
  Available from 9.2.3. Checksums are long strings that describe the content of files and act as their fingerprints. You can enable the calculation of checksums for files on your computers to check their integrity and to ensure that they were not altered or tampered with.
  - Enabling the collection of checksums
    Available from 9.2.3. You enable the collection of checksums by running a fixlet that changes the configuration of the software scan for BigFix Inventory. When you select checksums and run the fixlet against a chosen endpoint, this endpoint is given new properties that represent either MD5, SHA-256, or both. Based on these properties, the software scan can recognize which checksums must be collected from an endpoint. If you choose just one type of checksum and want to add another one later, you need to run the fixlet again.
  - Viewing checksums in the user interface
    Available from 9.2.3. To view checksums in the user interface, you must enable columns that show this data. It can be useful to verify checksums of single files. For bigger amounts of files, use REST API that can retrieve all collected checksums at once.
  - Retrieving checksums through REST API
    Available from 9.2.3. To retrieve information about checksums, you can use REST API that is generally used to retrieve raw scanned file data. This API retrieves information about scanned files, such as name, size, version, path, and so on. It can also return the values of the MD5 and SHA-256 columns, which show the checksums.
- Preview: Checking Common Vulnerabilities and Exposures (CVEs)
  Available from 9.2.12. The software catalog contains information about Common Vulnerabilities and Exposures (CVEs). Browse the software catalog to check for any potential threats. Checking CVE in BigFix Inventory is a preview feature.

Collecting file checksums

Available from 9.2.3. Checksums are long strings that describe the content of files and act as their fingerprints. You can enable the calculation of checksums for files on your computers to check their integrity and to ensure that they were not altered or tampered with.

In general, checksums are used to ensure safe transmission of files between devices, or across the Internet. In the latter case, after downloading a file, you can calculate its checksum and then compare it to the original checksum that was published together with the download. If both checksums match, you know that your download is exactly the same as the published source file, and that it is secure. Otherwise, there was some data loss or alteration, which means that the file was corrupted, either by accident or intentionally.

In BigFix Inventory, checksums are calculated during the file system scan and are created for each file that is discovered by the scan. In other words, apart from collecting usual information about files, such as their version or size, the scanner also collects information about their checksums. The checksums can then be viewed in the user interface or retrieved by using REST API, and compared to the checksums of known virus signatures or malware to ensure that none of such files is present in your environment. If any of the collected checksums finds a match in the database of corrupted checksums, there is a high probability that the file associated with this checksum is not secure, and presents a potential security breach.

Checksums in BigFix Inventory can be calculated by using two hash functions, MD5 and SHA-256. The choice of either of these should depend on the database of corrupted checksums that you own, and that you can compare with checksums collected by the scan.