The following table provides a comparison of privileges granted to user roles for vulnerability management.
= privilege
is granted to the user role
o = privilege may be assigned by a Manager
X = privilege may be assigned by a Manager ONLY when subscription is configured
to allow it
Manager privileges apply to all user configurations (such as asset groups, option profiles, schedules, and saved results), regardless of who created them. Unit Manager privileges apply to user configurations created within their respective business units. Scanner and Reader privileges apply to personal configurations only. Remediation User has pre-defined and limited privileges. User Administrator has privileges to create and edit users, except other User Administrators. Learn more
Privileges |
Manager |
Unit Manager |
Scanner |
Reader |
Remediation User |
User Administrator |
Account Setup |
||||||
Configure your dashboard |
|
|
||||
Change your Home page |
|
|
||||
Change your password |
||||||
Reporting |
||||||
Run reports |
|
|
||||
Manage report templates |
|
|
||||
Manage distribution groups |
|
|
||||
Ignore vulnerabilities |
o |
o |
|
|
||
Purge host information |
o |
o |
o |
|
|
|
Remediation |
||||||
Manually create tickets |
|
|
||||
Edit tickets |
|
|||||
Close/ignore tickets |
o |
o |
|
|||
Delete tickets |
o |
o |
|
|
||
Manage remediation policy |
o |
|
|
|
|
|
Scanner Appliances |
||||||
Install scanner appliances |
|
|
|
|
||
Manage virtual scanner appliances |
o |
X |
|
|
|
|
Network Mapping & Vulnerability Scanning |
||||||
View map and scan history |
|
|
|
|||
Launch maps and scans |
|
|
|
|||
Schedule maps and scans |
|
|
|
|||
Cancel maps and scans |
|
|
|
|||
Pause/resume scans |
|
|
|
|||
Setup storage options to auto delete results |
|
|
|
|||
Launch and schedule EC2 scans |
|
|
|
|
||
General Management |
||||||
Manage search lists |
|
|
||||
Manage asset tags (Learn more) |
|
|
||||
Manage asset groups |
|
|
|
|||
Manage option profiles |
o |
o |
|
|
|
|
Distribute global option profiles and templates |
o |
|
|
|
|
|
Manage user accounts |
|
|
|
|||
Manage authentication records and vaults |
o |
X |
|
|
|
|
Add and edit host assets |
o |
X |
||||
Remove assets |
|
|
|
|
|
|
Manage business units |
|
|
|
|
||
Manage distribution groups |
||||||
Manage networks |
||||||
Subscription Setup |
||||||
Edit global excluded hosts list |
|
|
|
|
||
Set global user permissions |
|
|
|
|
|
|
Setup business units - enable the new IP limit feature |
|
|
|
|
|
|
Setup business risk |
|
|
|
|
|
|
Setup security risk |
|
|
|
|
|
|
Define host attribute names |
|
|
|
|
|
|
Setup CVSS |
|
|
|
|
|
|
Set account and password security options |
|
|
|
|
|
|
Set remediation transition options |
|
|
|
|
|
|
Set the primary contact for the subscription |
|
|
|
|
|
|
KnowledgeBase |
||||||
View vulnerabilities |
|
|||||
Edit vulnerabilities - severity and content |
|
|
|
|
|
|
Add OVAL vulnerabilities |
|
|
|
|
|
|
Disable vulnerabilities |
|
|
|
|
|