Permissions
A user can have access to a limited set of resources or to all resources depending on the permissions assigned to him.
A user has a role that defines the actions allowed on the resources. The different roles that can be assigned to a user are:
- Auditor
- Security administrator
- System administrator
- Cyberwatch administrator
Changing a user’s access permissions is described here.
The different actions authorized according to the access permissions are described in the following table:
| Auditor | Security Administrator | System Administrator | Cyberwatch Administrator | |
|---|---|---|---|---|
| Generate an export | ✓ | ✓ | ✓ | ✓ |
| Consult the vulnerabilities encyclopedia | ✓ | ✓ | ✓ | ✓ |
| Update the vulnerabilities encyclopedia | ✓ | ✓ | ||
| Consult the rules encyclopedia | ✓ | ✓ | ✓ | ✓ |
| Consult compliance benchmarks | ✓ | ✓ | ✓ | ✓ |
| Consult the security issues | ✓ | ✓ | ✓ | ✓ |
| Consult ignoring policies | ✓ | ✓ | ✓ | ✓ |
| Consult asset rules | ✓ | ✓ | ✓ | ✓ |
| Consult criticalities | ✓ | ✓ | ✓ | ✓ |
| Consult corrective actions | ✓ | ✓ | ✓ | ✓ |
| Consult users’ activities | ✓ | ✓ | ✓ | ✓ |
| See the details of an asset | ✓ | ✓ | ✓ | ✓ |
| Consult the compliance rules status of an asset | ✓ | ✓ | ✓ | ✓ |
| Access Kibana | ✓(1) | ✓(1) | ✓(1) | ✓ |
| Ignore vulnerabilities on an asset | ✓ | ✓ | ✓ | |
| Relaunch an asset analysis | ✓ | ✓ | ✓ | |
| Update/Delete an asset | ✓ | ✓ | ||
| Create a deployment/reboot/scanning policy | ✓ | ✓ | ||
| Update/Delete a deployment/reboot/scanning policy | ✓(2) | ✓ | ||
| Assign assets a deployment/reboot/scanning policy | ✓ | ✓ | ||
| Deploy security fixes on an asset | ✓ | ✓ | ||
| Create/Update/Delete a custom compliance repository | ✓ | ✓ | ||
| Assign/Remove rules to/from custom compliance repository | ✓ | ✓ | ||
| Assign/Remove compliance repositories to/from assets | ✓ | ✓ | ||
| Consult discoveries | ✓ | ✓ | ✓ | ✓ |
| Create/Update discoveries | ✓ | ✓ | ||
| Add agents | ✓ | ✓ | ||
| Add agentless connections | ✓ | ✓ | ||
| Add Docker images | ✓ | ✓ | ||
| Add/Update/Delete network targets or websites | ✓ | ✓ | ✓ | |
| Add air gap assets | ✓ | ✓ | ||
| Consult stored credentials | ✓ | ✓ | ||
| Create/Update/Delete stored credentials | ✓ | ✓ | ||
| Create/Update/Delete a criticality | ✓(2) | ✓ | ||
| Create/Update/Delete an ignoring policy | ✓ | |||
| Create/Update/Delete a security issue | ✓ | |||
| Create/Update/Delete a custom compliance rule | ✓ | |||
| Create/Update/Delete an asset rule | ✓ | |||
| Add a compliance benchmark | ✓ | |||
| Assign groups to assets | ✓ | |||
| Add a comment to users’ activities | ✓ | |||
| Manage users and rights | ✓ |
(1) Requires explicit permission.
(2) Requires explicit permission.