uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit one of the Company’s Websites,’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Us” or a “Free Trial” Web form), you remain anonymous to the Company. Please go to our privacy statement for details.


Unified VRM Role Permissions

In Unified VRM, permissions can be set for each user based on their role and their access. Roles can be set to determine how a user can action vulnerabilities and assets. Access to assets can also be set, limiting each user’s scope to only their purview.

There are 3 Roles available in Unified VRM:

  • Administrator
  • Manage/ Edit (Normal User)
  • Read only

With Role Based Access Control (RBAC), Administrator can set both the roles and permissions for each user. This allows flexibility to give each user Read Only or Manage/Edit roles and grant and revoke access to each Asset Group. 

Read-only Role

  • View/sort/filter Assets, Asset groups, Vulnerability groups and Vulnerabilities
  • Export data from Unified VRM
  • View your overall Risk Score

Manage/Edit Role

Manage/Edit users get all Read-only capabilities. With this permission, users get write permissions so that the user can manage only on their asset groups.

  • Change Status of Vulnerabilities
    • Create tickets
    • Stage Patch
    • Accept Risk
    • Mark False Positive
  • Change asset value
  • Update asset groups
  • Edit Integrations

Administrator Role

Administrator gets all Manage/Edit Capabilities. Also: 

  • Access to all Assets
  • Manage User Roles & User Permissions
  • Manage all asset groups

Schedule a Product Demo Today!

See how NopSec's end-to-end Cyber Exposure Management platform can organize your security chaos.