The following table indicates the mapping of roles to user permissions in Alert Logic Cloud Defender. Utilize this information to choose the appropriate user roles for your team. This table is only relevant to Legacy customers with Cloud Defender entitlements; however, actions listed that can also be performed in the Alert Logic Managed Detection and Response console have similar permissions.
Note: For an overview of role-based access roles in the Alert Logic console, see the Role-Based Access Controls in Alert Logic Console knowledge base article.
Administrator | Owner | Power User | Support/Care | Read Only | |
Create new users | X | ||||
Create new managed account users | X | ||||
Delete users | X | ||||
Delete managed account users | X | ||||
Lock users out of console | X | ||||
Lock managed account users out of console | X | ||||
Modify users | X | ||||
Modify managed account users | X | X | |||
Run reports | X | X | X | X | X |
Run reports on managed accounts | X | X | X | X | |
Configure filters | X | X | X | ||
Configure managed account filters | X | X | |||
View managed account events | X | X | X | X | |
Create managed accounts | X | ||||
Modify incidents | X | X | X | ||
Issue containment requests | X | X | X | ||
Modify signature details | X | X | |||
Modify global configuration | X | ||||
Modify managed account global configuration | X | X | |||
View event packet payload | X | X | X | X | X |
Modify scan settings | X | X | X | ||
Modify managed account scan settings | X | X | X | ||
Modify tags | X | X | X | ||
Modify managed account tags | X | X | |||
Manage custom reports | X | ||||
Modify log policy | X | X | X | ||
Modify managed account log policy | X | X | |||
Modify log correlation policy | X | X | X | ||
Modify managed account log correlation policy | X | X | |||
Access public API | X | X | X | X | X |
Impersonate other users via API | X | X | |||
View log credentials | X | X | X | X | X |
View log collection statuses | X | X | X | X | X |
View managed account log collection statuses | X | X | X | X | |
Modify security options | X | X | X | ||
Modify managed account security options | X | X | |||
Hide vulnerabilities | X | X | X | ||
View Management tab | X | X | X | X | |
Create and edit cases | X | X | X | X | |
Modify hosts | X | X | X | ||
Create and edit custom cases | X | X | X | X | |
Close cases | X | X | X | X | |
View Web Security Manager (WSM) configuration | X | X | X | X | X |
View managed account WSM configuration | X | X | X | X | |
Modify WSM configuration | X | X | X | ||
Modify managed account WSM configuration | X | X | |||
View certificates configuration | X | X | X | X | X |
View managed account certificates configuration | X | X | X | X | |
View IDS whitelist configuration | X | X | X | X | X |
View managed account IDS whitelist configuration | X | X | X | X | |
View notification contacts | X | X | X | X | X |
Update, create, and delete notification contacts | X | X | X | ||
View notification policies | X | X | X | X | X |
Update, create, and delete notification policies | X | X | X | ||
View notification contact groups | X | X | X | X | X |
Update, create, and delete notification contact groups | X | X | X | ||
View notification WebHooks | X | X | X | X | X |
Update, create, and delete notification WebHooks | X | X | X | ||
View notification history | X | X | X | X | X |
Update, create, and delete notification history | X | X | X | ||
Manage notifications | X | X | X | ||
Notification target only | X |
Note: The above list is not exhaustive of possible actions to be taken in the Legacy Alert Logic console.
Additional Support
If none of the user roles laid out above seem to fit your needs, contact Alert Logic Support for additional guidance.
Comments
0 comments
Please sign in to leave a comment.