There are three standard roles that can be assigned to a user. Each of these roles has access to ALL assets and Risk Meters:
- Administrator
- Normal User (Read/Write)
- Read-only
Read-Only User:
- View/sort/filter Assets and Vulnerabilities
- Email and Export data from Kenna
- Manage personal Alerts settings
Normal User (Read/Write) - everything listed above plus:
- Change Status on existing Vulnerabilities (open/closed/false positive/risk accepted)
- Modify Vulnerability field data including defined Custom Fields
- Change Asset status to active/inactive
- Add or Delete Tags from Assets
- Create tickets (if enabled)
Administrator - everything listed above plus:
- Access to all assets
- Manage User and User Roles
- Add, delete and modify Risk Meters
- Set asset inactivation settings
- Create and run Connectors
- Manage Custom Fields
- Manage SLA (Due Date) Policies
- Enable Dual Factor Authentication
Using Role Based Access Control (RBAC) you can limit a user's access to a subset of assets and Risk Meters. Each access group is one of the following types:
- Read-only
- Write
- Custom Access - restrict the user's ability to perform certain actions, such as creating tickets, editing asset statuses, overriding vulnerability scores and priorities, etc.
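To make the interaction between the standard roles and RBAC access groups concrete, here is an added example (illustrative code, not Kenna's implementation) that models the cumulative role permissions above and then narrows them by an access group's asset scope and type. The action names, the `AccessGroup`/`User` structures and the evaluation order are assumptions chosen for this example.

```python
from dataclasses import dataclass, field
from typing import FrozenSet, Optional

# Base permissions per standard role, cumulative as described in the article.
READ_ONLY = frozenset({"view_assets", "export_data", "manage_own_alerts"})
NORMAL_USER = READ_ONLY | {"change_vuln_status", "edit_vuln_fields",
                           "change_asset_status", "edit_asset_tags", "create_ticket"}
ADMINISTRATOR = NORMAL_USER | {"manage_users", "manage_risk_meters", "set_inactivation",
                               "run_connectors", "manage_custom_fields",
                               "manage_sla_policies", "enable_2fa"}
ROLE_PERMISSIONS = {"read_only": READ_ONLY,
                    "normal_user": NORMAL_USER,
                    "administrator": ADMINISTRATOR}


@dataclass(frozen=True)
class AccessGroup:
    level: str                      # "read_only", "write" or "custom" (assumed names)
    assets: FrozenSet[str]          # asset ids the group is allowed to see
    denied_actions: FrozenSet[str] = field(default_factory=frozenset)  # "custom" only


@dataclass(frozen=True)
class User:
    role: str
    access_group: Optional[AccessGroup] = None  # None = standard role, ALL assets


def is_allowed(user: User, action: str, asset_id: Optional[str] = None) -> bool:
    """The role grants the base permission; an access group can only narrow it."""
    if action not in ROLE_PERMISSIONS[user.role]:
        return False                                  # role never had this right
    group = user.access_group
    if group is None:
        return True                                   # standard role: all assets
    if asset_id is not None and asset_id not in group.assets:
        return False                                  # asset outside group scope
    if group.level == "read_only" and action not in READ_ONLY:
        return False                                  # read-only group blocks writes
    if group.level == "custom" and action in group.denied_actions:
        return False                                  # custom group denies this action
    return True
```

Run it with a constructed set of users to confirm that an access group can remove rights but never add rights the role does not already have.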