Skip to content
Big Picture

What Is Big Picture?

Big Picture is an enterprise-grade release management and licensing control plane for desktop software.

Big Picture helps software vendors ship evergreen desktop applications while remaining compatible with:

  • enterprise IT policies
  • regulated environments (finance, healthcare, government)
  • modern security and compliance expectations

Big Picture does not install software. Instead, it provides signed decisions, policies, and licenses that client applications and IT systems can safely act on.

The Problem Big Picture Solves

Section titled “The Problem Big Picture Solves”

Desktop software lives in a difficult space:

  • Users expect automatic updates and continuous improvement
  • Enterprises require control, auditability, and policy enforcement
  • Regulated customers may require self-hosted infrastructure, mirrors, or air-gapped operation
  • Vendors must manage licensing, entitlements, and usage without brittle offline keys

Most existing solutions solve only part of this problem:

  • Update frameworks focus on how to update a single application
  • Enterprise IT tools focus on how IT deploys software internally
  • Licensing platforms focus on monetization, often disconnected from release governance

Big Picture unifies these concerns into a single, coherent system.

What Big Picture Is (and Is Not)

Section titled “What Big Picture Is (and Is Not)”

Big Picture is

Section titled “Big Picture is”
  • A policy-driven control plane for desktop software updates
  • A trusted authority that signs update decisions and license leases
  • A system that supports SaaS or vendor self-hosted deployment
  • A platform that enables vendor-controlled mirrors for regulated downstream customers
  • A modern lease-based licensing system with cloud or local license servers

Big Picture is not

Section titled “Big Picture is not”
  • An installer or patching agent
  • A background service that bypasses IT controls
  • A replacement for Intune, SCCM, or MDM tools
  • A telemetry or analytics platform
  • A classic offline license-key generator

Note on telemetry: Big Picture is not a general-purpose analytics or surveillance platform. However, Big Picture is designed to participate in a customer’s existing telemetry ecosystem by producing well-defined, opt-in, operational and licensing signals (such as license activations, lease checks, renewals, and aggregate usage events) that customers can export, forward, or correlate with their own observability and analytics systems.

Core Concepts

Section titled “Core Concepts”

1. Signed Update Decisions

Section titled “1. Signed Update Decisions”

Big Picture evaluates:

  • what versions exist
  • which channel a client is on
  • tenant and customer-specific policy
  • staged rollout eligibility

It then returns a signed decision describing what actions are allowed:

  • install automatically
  • notify only
  • defer to IT-managed deployment
  • take no action

Clients verify the signature before acting.

2. Policy and Governance

Section titled “2. Policy and Governance”

Big Picture provides explicit policy controls, including:

  • update modes (AUTO_INSTALL, NOTIFY_ONLY, MANAGED_BY_IT)
  • version pinning and blocklists
  • per-tenant and per-product rules
  • global and per-tenant kill switches

This makes self-updating software acceptable in enterprise environments.

3. Vendor-Controlled Mirrors

Section titled “3. Vendor-Controlled Mirrors”

For regulated customers, Big Picture enables vendor-controlled mirrors:

  • Big Picture publishes signed snapshot bundles
  • Regulated customers run a mirror relay inside their network
  • Mirrors pull updates outbound-only, verify signatures, and host artifacts locally

Clients can operate entirely from local infrastructure while still trusting vendor-signed metadata.

4. Lease-Based Licensing

Section titled “4. Lease-Based Licensing”

Big Picture provides built-in licensing using short-lived, signed lease tokens:

  • per-user licensing
  • per-machine licensing
  • floating/concurrent licensing
  • feature-based entitlements

Licenses are validated against:

  • a cloud license server, or
  • a local license server for air-gapped or regulated environments

No offline license keys are required.

Telemetry and Reporting

Section titled “Telemetry and Reporting”

Lease-based licensing naturally produces high-value operational telemetry. Big Picture is designed to collect and expose this data in a controlled, auditable way that benefits both software vendors and regulated end customers.

Examples of telemetry produced by Big Picture include:

  • license activations and deactivations
  • lease issuance, renewal, expiration, and revocation
  • concurrent license utilization over time
  • feature-level usage signals (when enabled)
  • client version distribution tied to licensed usage

This information is useful for:

  • Regulated customers (e.g., banks, healthcare) to understand how licensed software is being used across their environment, support internal audits, capacity planning, and compliance reporting
  • Software vendors (ISVs) to understand adoption, utilization, and entitlement compliance

Big Picture does not replace a customer’s observability or analytics platform. Instead, it integrates with existing telemetry pipelines by:

  • emitting well-defined, documented events
  • supporting export to common observability systems
  • allowing aggregation and reporting locally or centrally

Both local license servers and offline mirrors can buffer telemetry and report it outbound on an approved schedule, preserving functionality in restricted or air-gapped environments while still enabling periodic reporting when permitted.

Deployment Models

Section titled “Deployment Models”

Big Picture supports multiple deployment models without changing the client contract:

SaaS (Vendor-Hosted)

Section titled “SaaS (Vendor-Hosted)”
  • Big Picture runs as a multi-tenant service
  • Signing keys are protected in cloud KMS/HSM
  • Managed artifact storage is optional

Vendor Self-Hosted

Section titled “Vendor Self-Hosted”
  • Big Picture runs in vendor infrastructure
  • Vendors control all signing and licensing keys
  • Ideal for vendors selling into highly regulated markets

Regulated Downstream Customers

Section titled “Regulated Downstream Customers”
  • Vendors enable downstream mirrors
  • Artifacts and snapshots are fully self-hosted
  • Operation can be outbound-only or fully isolated

How Big Picture Fits Into Existing Ecosystems

Section titled “How Big Picture Fits Into Existing Ecosystems”

Big Picture is designed to complement, not replace, existing systems:

  • CI/CD systems publish releases into Big Picture
  • Artifact repositories (JFrog, S3, GCS) store installers
  • IT tools (Intune, SCCM) deploy software when MANAGED_BY_IT is required
  • Desktop applications integrate using a Rust SDK or FFI bindings

Who Big Picture Is For

Section titled “Who Big Picture Is For”

Big Picture is designed for:

  • software vendors shipping desktop applications
  • platform teams managing multiple products
  • ISVs selling into enterprise or regulated markets
  • organizations that need evergreen updates without losing control

Next Steps

Section titled “Next Steps”

To learn more:

  • Read Core Principles to understand Big Picture’s design philosophy
  • Explore Use Cases to see real-world problems Big Picture solves
  • Review Comparisons to understand how Big Picture compares to alternatives
  • See Getting Started to begin using Big Picture

Big Picture exists to make modern desktop software safe, governable, and enterprise-ready—without sacrificing developer velocity.