BMC BladeLogic Server Automation: Patch Management Overview and Analysis

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

See our complete list of top patch management solutions.

Company Description

BMC was founded in 1980. Its many software offerings include Digital Enterprise Management solutions intended to make digital business fast, seamless, and optimized from mainframe to mobile to cloud and beyond. BMC software runs in 82 percent of the Fortune 500 and serves more than 10,000 customers worldwide. The patch management capability came from the company’s 2008 acquisition of BladeLogic.

Product Description

BMC BladeLogic Server Automation has extensive server configuration management capabilities, of which patching is a subset. BladeLogic supports operating systems from Microsoft server platforms, many Linux flavors, Solaris, AIX, etc. While patching is one of the core use cases enabled in BladeLogic Server Automation, others include provisioning, compliance, configuration management, and software deployment. BladeLogic is normally offered as a platform, but there are options to purchase only the patch capabilities if required.

Further features include the ability to stage and test patches before committing them. This can be used to copy patch bundles to the required servers before maintenance windows open and deployment starts. Additionally, the suite integrates with service desk change management systems. As patch jobs are created, change record creation is generated automatically. BMC has add-on SaaS services that enable vulnerability management and remediation. This is done by importing vulnerability management scan data from vendors like Qualys, Tenable and Rapid 7, and mapping the vulnerabilities back to underlying patches in BladeLogic, which can be used to remediate.

“The BladeLogic suite enables organizations to patch their environment from a single solution in a consistent way,” said Allison Cramer, Director of Solutions Marketing, BMC. “Roles-based access controls (RBAC) allow organizations to define and control which users and groups have access to managed servers.”

Markets and Use Cases

Target markets include larger enterprise customers with complex needs around patching and security. Typical industries are finance, healthcare, government, retailers, and service providers.

Applicable Metrics

BMC BladeLogic supports some enterprises with more than 150,000 servers under management.


BMC’s SecOps Response Service provides operational context to security scans. It’s a cloud-based solution that reduces the overall attack surface across multi-cloud environments, including AWS and Microsoft Azure. When coupled with endpoint management tools, including Microsoft SCCM and BMC BladeLogic Server Automation, organizations can rapidly prioritize and remediate.

Method of Delivery

BladeLogic Server Automation can be deployed as an on-premises solution, though there are also customers running BladeLogic inside of AWS and Azure. Some combine the two: BladeLogic operates on-premises, but they also have it managing cloud instances (for example, EC2 patch management).


BladeLogic Server Automation requires agents to be deployed to managed infrastructure.


No pricing details disclosed.

Get the Free Cybersecurity Newsletter

Strengthen your organization’s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

Drew Robb Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis