Role Permissions

Administrator, Write/Normal User, and Read Only are the three user roles that can be assigned to a Kenna user out of the box. Custom Access user roles can limit user permissions through our RBAC controls. Administrators have access to ALL assets and Risk Meters, whereas the other roles can be limited to specific Risk Meters. When using Hierarchical Risk Meters, providing access to a parent or descendant will allow access to all lower descendants in the hierarchy. Only the Admin, Normal, and Read Only user roles can be assigned an API key, which corresponds to their permissions. This article lists the permissions available to each role.

  • Read-Only
  • Write/Normal User
  • Administrator
  • Custom Access

 


Read-Only User

  • Access to All Assets or a subset of Asset Groups (Risk Meters)

  • View/sort/filter Assets and Vulnerabilities

  • Email and Export data from Kenna

  • Manage personal Alerts settings

Write/Normal User

Everything listed above plus:

  • Modify and Delete Asset Groups (Risk Meters)

  • Create Tickets

  • Export Data

  • Share Top Fixes

  • Edit Asset Status

  • Edit Asset Tags

  • Edit Asset Locators

  • Edit Asset Owner

  • Edit Asset Priority

  • Edit Asset Operating System

  • Edit Asset Notes

  • Edit Vulnerability Status

  • Edit Vulnerability Custom Fields

  • Edit Vulnerability Score Override

  • Edit Vulnerability Due Date

  • Edit Vulnerability Notes

Administrator

Everything listed above plus:

  • Access to all assets
  • Manage User Roles and Users
  • Provision and manage API keys
  • Add, delete and modify Asset Groups (Risk Meters)
  • Add, delete and modify Applications
  • Create and run Connectors
  • Manage Custom Fields
  • Manage SLA (Due Date) Policies
  • Enable Dual Factor Authentication

Custom Access

Standard functionality

  • View/sort/filter Assets and Vulnerabilities
  • Email and Export data from Kenna
  • Manage personal Alerts settings
  • Access to All Assets or a subset of Asset Groups (Risk Meters)

General Options - toggle on/off

  • Add, delete and modify Asset Groups (Risk Meters)
  • Create Tickets
  • Share Top Fixes
  • Export Data

Asset Options - toggle on/off

  • Edit Asset Status
  • Edit Asset Locators
  • Edit Asset Priority
  • Edit Asset Notes
  • Edit Asset Tags
  • Edit Asset Owner
  • Edit Asset Operating System

Vulnerability Options - toggle on/off

  • Edit Vulnerability Notes
  • Edit Vulnerability Status
  • Edit Vulnerability Custom Fields
  • Edit Vulnerability Score Override
  • Edit Vulnerability Due Date