Unified VRM Role Permissions
In Unified VRM, permissions are set for each user based on their role and their access. A role determines which actions a user can take on vulnerabilities and assets. Access to assets can also be set, limiting each user's scope to only their purview.
There are 3 Roles available in Unified VRM:
- Administrator
- Manage/Edit (Normal User)
- Read-only
With Role-Based Access Control (RBAC), an Administrator can set both the role and the permissions for each user. This gives the flexibility to assign each user the Read-only or Manage/Edit role and to grant or revoke access to each Asset Group.
Read-only Role
- View/sort/filter Assets, Asset groups, Vulnerability groups and Vulnerabilities
- Export data from Unified VRM
- View your overall Risk Score
Manage/Edit Role
Manage/Edit users get all Read-only capabilities. In addition, they get write permissions, which apply only to their own asset groups:
- Change Status of Vulnerabilities
- Create tickets
- Stage Patch
- Accept Risk
- Mark False Positive
- Change asset value
- Update asset groups
- Edit Integrations
Administrator Role
Administrators get all Manage/Edit capabilities, and also:
- Access to all Assets
- Manage User Roles & User Permissions
- Manage all asset groups