Skip to content

Group Management

This page describes the different group roles available in the system and the permissions associated with each group. Assigning users to appropriate groups determines the access and actions they can perform within the platform.

Group Description
User A normal user with read-only access and the ability to view Threat Exposure, Defense Surface, and Fleet Exposure pages.
Admin Adds the ability to manage Users and Groups. Also allows the user to view admin logs.
AssetManager Adds the ability to upload Assets.
IntegrationAdmin Adds the ability to create, edit, and delete integrations.
ThreatProfileManager Adds the ability to create, edit, and delete the organization's Threat Profile.
OrgAdmin Adds the ability to create and manage sub-tenants.
MultiOrgUser Adds the ability to view and switch to sub-tenants.
VulnManager Adds the ability to upload Assets and Vulnerabilities.
DetectionTelemetryManager Adds the ability to map manually upload Detections and Telemetry. Also adds the ability to map Detections to Techniques.
ResponseManager Placeholder group for future functionality.

Note: Assigning a user to multiple groups will combine the permissions of all assigned groups.