Role Permissions

There are three standard roles that have access to all assets and Risk Meters:

  • Administrator
  • Normal User (Read/Write)
  • Read Only

Using Role-Based Access Control (RBAC), you can limit access to assets and Risk Meters. These access groups can be either:

  • Read/Write
  • Read Only

Each type of user has similar permissions; the difference is that users under RBAC are limited to the assets they can act upon.

Read-Only 

  • View/sort/filter Assets and Vulnerabilities
  • Email and Export data from Kenna
  • Manage personal Alerts settings

Read-Write - everything listed above plus:

  • Change Status on existing Vulnerabilities (open/closed/false positive/risk accepted)
  • Modify Vulnerability field data including defined Custom Fields
  • Change Asset status to active/inactive
  • Add or Delete Tags from Assets
  • Create ServiceNow tickets (if enabled)

Administrator - everything listed above plus:

  • Access to all assets
  • Manage User Roles and Users
  • Add, delete and modify Risk Meters
  • Set asset inactivation settings
  • Create and run Connectors
  • Manage Custom Fields
  • Manage SLA (Due Date) Policies
  • Enable Dual Factor Authentication