= privilege is granted to the user roleThe following table provides a comparison of privileges granted to user roles for vulnerability management.
= privilege is granted to the user role
* = privilege may be granted to the user role, depending on when subscription was created
o = privilege may be assigned by a Manager
X = privilege may be assigned by a Manager ONLY when subscription is configured to allow it
Manager privileges apply to all user configurations (such as asset groups, option profiles, schedules, and saved results), regardless of who created them. Unit Manager privileges apply to user configurations created within their respective business units. Scanner and Reader privileges apply to personal configurations only. Remediation User has pre-defined and limited privileges. User Administrator has privileges to create and edit users, except other User Administrators. The KnowledgeBase Only role is only available when enabled for your subscription. Only a Manager can assign this role. Learn more about user roles and permissions
|
Privileges |
Manager |
Unit Manager |
Scanner |
Reader |
Remediation User |
User Administrator |
KnowledgeBase Only |
|
Account Setup |
|||||||
|
Configure your dashboard |
|
|
|
|
|
|
|
|
Change your Home page |
|
|
|
|
|
|
|
|
Change your password |
|
|
|
|
|
|
|
|
Reporting |
|||||||
|
Run reports |
|
|
|
|
|
|
|
|
Manage report templates |
|
|
|
|
|
|
|
|
Manage distribution groups |
|
|
|
|
|
|
|
|
Ignore vulnerabilities |
|
|
o |
o |
|
|
|
|
Purge host information |
|
o |
o |
o |
|
|
|
|
Remediation |
|||||||
|
Manually create tickets |
|
|
|
|
|
|
|
|
Edit tickets |
|
|
|
|
|
|
|
|
Close/ignore tickets |
|
|
o |
o |
|
|
|
|
Delete tickets |
|
|
o |
o |
|
|
|
|
Manage remediation policy |
|
o |
|
|
|
|
|
|
Scanner Appliances |
|||||||
|
Install scanner appliances |
|
|
|
|
|
|
|
|
Manage virtual scanner appliances |
|
o |
X |
|
|
|
|
|
Network Mapping & Vulnerability Scanning |
|||||||
|
View map and scan history |
|
|
|
|
|
|
|
|
Launch maps and scans |
|
|
|
|
|
|
|
|
Schedule maps and scans |
|
|
|
|
|
|
|
|
Cancel maps and scans |
|
|
|
|
|
|
|
|
Pause/resume scans |
|
|
|
|
|
|
|
|
Setup storage options to auto delete results |
|
|
|
|
|||
|
Launch and schedule EC2 scans |
|
|
|
|
|
|
|
|
General Management |
|||||||
|
Manage search lists |
|
|
|
|
|
|
|
|
Manage asset tags (Learn more) |
|
|
|
|
|
|
|
|
Manage asset groups |
|
|
|
|
|
|
|
|
Manage option profiles |
|
o |
o |
|
|
|
|
|
Distribute global option profiles and templates |
|
o |
|
|
|
|
|
|
Manage user accounts |
|
|
|
|
|
|
|
|
Manage authentication records and vaults |
|
o |
X |
|
|
|
|
|
Add and edit host assets |
|
o |
X |
||||
|
Remove assets |
|
|
|
|
|
|
|
|
Manage business units |
|
|
|
|
|
|
|
|
Manage distribution groups |
|
|
|
|
|
||
|
Manage networks |
|
||||||
|
Subscription Setup |
|||||||
|
Edit global excluded hosts list |
|
|
|
|
|
|
|
|
Set global user permissions |
|
|
|
|
|
|
|
|
Setup business units - enable the new IP limit feature |
|
|
|
|
|
|
|
|
Setup business risk |
|
|
|
|
|
|
|
|
Setup security risk |
|
|
|
|
|
|
|
|
Define host attribute names |
|
|
|
|
|
|
|
|
Setup CVSS |
|
|
|
|
|
|
|
|
Set account and password security options |
|
|
|
|
|
|
|
|
Set remediation transition options |
|
|
|
|
|
|
|
|
Set the primary contact for the subscription |
|
|
|
|
|
|
|
|
KnowledgeBase |
|||||||
|
View vulnerabilities |
|
|
|
|
|
|
|
|
Edit vulnerabilities - severity and content |
|
|
|
|
|
|
|
|
Add OVAL vulnerabilities |
|
|
|
|
|
|
|
|
Disable vulnerabilities |
|
|
|
|
|
|
|
|
Configure custom vulnerability notifications |
|
|
|
|
|
|
|