AppDefense now defines two user roles for the operation of the SaaS Manager i.e. “Admin” and “Analyst”. Admins have full privileges, including user configuration and remediation settings (block, suspend, kill, etc). Analyst is the default user role and cannot change remediation settings.
Users in the ‘Administrator’ role have overall responsibility of the organization, so are assigned with additional permissions. There can be more than one administrator in the organization. By default, when administrator invites a user, the user is assigned with the ‘Analyst’ role.
An ‘Analyst’ role assigned user cannot perform below tasks in the SaaS manager console –
Analyst is the default user role. Analyst cannot access user management or remediation action settings. Analyst cannot view the advanced remediation audit log. Only when provided by administrator, the user with an analyst role can perform advanced remediation actions such as Quarantine, Suspend, or Power Off.
Administrator is a user who has an administrative responsibility of the organization. Administrator has the following privileges.
Advanced Remediation Settings: Control the setting to provide access to perform manual and automatic remediation action for all users within the organization. Administrator can enable or disable the advanced remediation action from the Settings tab.
User Management: Administrator can perform following actions from the Users tab:
Assign a user role.
Invite users to the organization.
Invite an existing user again, when needed.
Block or unblock users.
Advanced: Administrator can take the remediation action on a virtual machine for any triggered alert or set the automatic remediation rules to take advanced remediation action in individual services. Remediation action includes Quarantine, Suspend, or Power Off the virtual machine.
Audit Log: Administrator can view the advanced remediation log from the settings -> Audit Logs tab.
These new roles are now available in every AppDefense SaaS manager org. Let us know if you have questions!