User Role Permissions
In Collaborate, you can assign pre-configured roles to Analyst Portal users or create custom roles tailored to your organization’s needs. When creating or updating a role, you assign permissions based on available features, ensuring each role has the appropriate access. The following modules support different permissions for each role:
About Us
You can use the About Us setting to add information about your organization. Members will see this information in the Member Portal. The following permissions control access to these settings:
View About Us: Allows users to view the About Us section in Administration > Settings > Other Settings > About Us.
Update About Us: Allows users to edit the content in the About Us section in About Us.
AbuseIPDB
You can integrate Collaborate with AbuseIPDB to enrich any indicator details while creating alerts. The following permissions are available in this module:
View AbuseIPDB: Allows users to view the Abuse IPDB integration in Administration > Integrations > Third Party Integrations > Abuse IPDB.
Update AbuseIPDB: Allows users to edit the credentials while configuring Abuse IPDB integration.
For more information about configuring AbuseIPDB integration, see Configure Abuse IPDB Integration.
Access Control
Use Access Control to allow or block access to the Collaborate Analyst Portal based on countries or IP addresses. The following permissions manage this functionality:
View Access Control: Allows users to view the Access Control settings in Administration > Settings > Other Settings > Access Control.
Create Access Control: Allows users to add countries and IP/IP Ranges to the allowed or blocked list in the Access Control section.
Update Access Control: Allows users to update the countries and IP/IP Ranges present in the allowed or blocked list in the Access Control section.
For more information about Access Control, see Access Control.
Alerts
You can share real-time advisories on the latest incidents, breaches, malware, and vulnerabilities with members through Alerts. The following permissions are available for managing this feature:
Can Publish Alert: Allows users to publish alerts from Alerts > Create Alerts.
Can Draft Alert: Allows users to save an alert as a draft.
Can Expire Published Alert: Allows users to expire a published alert.
Can Revert Alert: Allows users with Publisher role to revert an alert.
Can Submit Alert: Allows users to submit an alert to a publisher for further review and publishing.
Can View All Alert: Allows users to view all the alerts their organization publishes.
Can View Alert: Allows users to view the alerts they publish.
Can Schedule Alert: Allows users to schedule the time of publishing an alert.
Can Expire Unpublished Alert: Allows users to expire an alert in the draft state.
For more information about Alerts, see Alerts.
Alert Template
You can create editable alert templates to instantly create alerts, and save time from entering the same data multiple times for similar alerts. The following permissions are available in this module:
Update Alert Template: Allows users to update an existing alert template in Administration > Settings > Alert Settings > Alert Template.
View Alert Template: Allows users to view the available alert templates.
Create Alert Template: Allows users to create a new alert template in Alert Template.
For more information about alert templates, see Create Alert Templates.
Analysis Settings
The analysis settings enable you to manage system fields which are out-of-the-box fields used while creating alerts and submitting intel and RFIs. The following permissions are available in this module:
Update Analysis Settings: Allows users to rearrange the order of fields displayed in the Additional section of the alert creation form, intel submission form, and the RFI reporting form in Administration > Field Management Settings > Field Order.
Create Analysis Settings: Allows users to create options for single-select and multi-select fields in Field Management Settings.
View Analysis Settings: Allows users to view the available system fields.
For more information about system fields, see System Fields.
Analyst Dashboard Login Configuration
You can directly configure the preferred authentication method for the users of the Analyst Portal. The following permissions are available in this module:
View Analyst Dashboard Login Configuration: Allows users to view the authentication methods available for the Analyst Portal in Administration > Integrations > Authentication Methods > Analyst Portal.
Update Analyst Dashboard Login Configuration: Allows users to edit the configurations of the available authentication methods.
For more information about the Analyst Portal authentication methods, see Manage Analyst Portal Authentication.
API Details
You can create and view API credentials to engage with the Collaborate services programmatically. The following permissions are available in this module:
View API Details: Allows users to view the API integration details in Administration > Integrations > CSAP Integrations.
Update API Details: Allows users to clone roles and update the accessibility of user roles to Collaborate features in Administration > Integrations > CSAP Integrations > Open API Permission.
Create API Details: Allows users to generate API credentials and create roles to manage user's access to Collaborate features.
For more information about configuring Collaborate's open API, see Configure CSAP Open API.
ATT&CK Heatmap
The ATT&CK Heatmap is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. The following permission is available in this module:
View ATT&CK Navigator: Allows users to view the ATT&CK Navigator heatmap in Main Menu > ATT&CK Navigator.
For more information about ATT&CK navigator, see ATT&CK Navigator.
Audit Log
You can view all the recent actions performed by Collaborate Analyst Portal users in Audit Logs. The following permission is available in this module:
View Audit Log: Allows users to view the recent actions of Analyst Portal users in Administration > User Permissions > Audit Logs.
For more information about audit logs, see Audit User Logs.
Automated RSS Alerts
You can automatically publish RSS feeds as alerts from the Analyst portal using Automated RSS Alerts, eliminating the need to create them manually. The following permissions are available in this module:
Update Automated RSS Alerts: Allows users to edit the integration credentials in Administration > Integrations > Third Party Integrations > Automated RSS Alerts.
View Automated RSS Alerts: Allows users to view the view the credentials in Automated RSS Alerts.
For more information about configuring automated RSS alerts, see Configure Automated RSS Alerts.
Browser Extension
Members can use the Cyware Threat Intel Crawler browser extension to submit intels. The following permissions are available in this module:
Update Browser Extension: Allows users to update the browser extension settings in Administration > Configurations > Features.
View Browser Extension: Allows users to view the browser extension settings in Features.
For more information about configuring the browser extension, see Configure CSAP Features.
Campaign
Campaigns are instances or patterns of harmful intent by threat actors. Collaborate helps you to create and manage campaigns to share alerts with additional context. The following permissions are available in this module:
View Campaign: Allows users to view the list of campaigns available in Administration > Settings > Alert Settings > Campaign.
Update Campaign: Allows users to edit the available campaigns.
Create Campaign: Allows users to create a new campaign in Campaign > Create.
For more information about campaigns, see Create Campaigns.
Category
Categories help you identify the type of information shared in an alert by analysts and threat intel submitted by members. The following permissions are available in this module:
Update Category: Allows users to update the details of a category in Administration > Settings > Core Settings > Category.
View Category: Allows users to view all the available categories in Category.
Create Category: Allows users to create new categories in Category.
For more information about categories, see Categories.
Channels
Channels are classifications of alerts based on tags, information sources, and recipient groups. The following permissions are available in this module:
Update Channels: Allows users to update the details of a channel in Administration > Settings > Core Settings > Channels.
View Channels: Allows users to view the details of channels in Channels.
Create Channels: Allows users to create new channels in Channels.
For more information about channels, see Channels.
Conference Call
The conference call feature allows members to connect using a simple and common conference calling number. The following permissions are available in this module:
Create Conference Call Entry: Allows users to add conference call details in Administration > Settings > Alert Settings > Conference Call.
Update Conference Call Entry: Allows users to edit the existing conference call details in Conference Call.
View Conference Call Entry: Allows users to view all the available conference call entries in the Conference Call setting.
For more information about conference calls, see Add Conference Call.
Configurations
In this section, you can configure the various features of the Collaborate Analyst and Member Portal by setting preferences. The following permissions are available in this module:
Update Configurations: Allows users to edit the preferences in Administration > Configurations.
View Configurations: Allows users to view the available preferences in Configurations.
For more information, see Configure Collaborate Preferences.
Crisis Notification
Crisis Notification is a structured information dissemination feature that allows users with permission to send crisis alerts to a group of specific individuals. The following permissions are available in this module:
View Crisis Notification: Allows users to view the responses to crisis alerts in Main Menu > Crisis Management.
Create Crisis Notification: Allows users to create and publish crisis alerts from Crisis Management.
For more information about crisis notification, see Crisis Management.
Crisis Template
You can efficiently manage crisis alerts by creating and customizing templates in the settings. The following permissions control access and modifications for crisis management templates:
View Crisis Template: Allows users to view the available crisis management templates in Administration > Settings > Other Settings > Crisis Management.
Create Crisis Template: Allows users to create new templates for crisis notification in Crisis Management.
Update Crisis Template: Allows users to edit available crisis templates in Crisis Management.
For more information on managing crisis templates, see Crisis Management Settings.
CTIX Integration
You can integrate Collaborate with Intel Exchange to send threat intel to Intel Exchange. The following permissions are available in this module:
Create CTIX Integration: Allows users to configure the Intel Exchange integration in Administration > Integrations > Cyware Integrations > Intel Exchange (CTIX).
Update CTIX Integration: Allows users to edit the credentials in Intel Exchange (CTIX).
View CTIX Integration: Allows users to view the credentials in Intel Exchange (CTIX).
For more information about configuring Intel Exchange integration, see Configure Intel Exchange (CTIX) Integration.
Custom Dashboard
You can create and maintain custom dashboards to visually present vital performance metrics based on real-time information. The following permissions are available in this module:
View Custom Dashboard: Allows users to view the custom dashboards in Dashboard.
Create Custom Dashboard: Allows users to create a custom dashboard using the available metrics.
Update Custom Dashboard: Allows users to edit an existing dashboard.
For more information about dashboards, see Dashboards.
Custom Email Template
The email management feature contains built-in and customizable email templates for sending email notifications. The following permissions are available in this module:
View Custom Email Template: Allows users to view the available email templates in Administration > Settings > Other Settings > Email Management.
Update Custom Email Template: Allows users to make edits to the existing custom email templates in Email Management.
For more information about customizing email templates, see Email Management.
Custom Fields
Admins can create various types of custom fields such as text boxes, multi-select, single-select, date, and Boolean fields and map them to alert categories to add additional information that may not be included in the standard form. The following permissions are available in this module:
Create Custom Fields: Allows users to create custom fields in Administration > Settings > Field Management > Custom Fields.
Update Custom Fields: Allows users to edit the details of custom fields in Field Management settings.
View Custom Fields: Allows users to view the available custom fields in Custom Fields.
For more information about custom fields, see Custom Fields.
CybelAngel
You can integrate Collaborate with CybelAngel to enable members to access real-time data as part of incident reports, credential watchlisting, and domain watchlisting. The following permissions are available in this module:
View CybelAngel: Allows users to view the credentials in Administration > Integrations > Recon Darknet Detection > CybelAngel.
Update CybelAngel: Allows users to edit the CybelAngel credentials in CybelAngel.
For more information about configuring CybelAngel integration, see Configure CybelAngel.
Doc Library
The Doc Library is a secure place to store text, image, and video files, and analysts and members can store important files and download them. The following permissions are available in this module:
Update Doc Library: Allows users to edit the files in Main Menu > Doc Library.
Create Doc Library: Allows users to create folders and upload files in the Doc Library.
Delete Doc Library: Allows users to delete files and folders from the Doc Library.
View Doc Library: Allows users to view the files and folders available in the Doc Library.
For more information about Doc Library, see Doc Library.
Email Box
You can integrate and map email accounts in the Analyst Portal. The emails sent to the configured email account are received in Email Submissions. The following permissions are available in this module:
View Email Submissions: Allows users to view all the available email submissions in Main Menu > Email Submissions.
Create Alert from Email: Allows users to create an alert from email submission.
Update Email Submissions: Allows users to update email submissions in Email Submissions.
For more information on managing email submissions, see Manage Email Submissions.
Email Submission Settings
You can integrate and map email accounts in the Analyst Portal to receive email submissions. The following permissions are available in this module:
Update Email Accounts: Allows users to update an existing email account configuration in Administration > Settings > Other Settings > Email Accounts.
Create Email Accounts: Allows users to configure a new email account in Email Accounts.
View Email Accounts: Allows users to view the available email account configurations in Email Accounts.
For more information about email accounts, see Email Accounts.
Entity Sharing
The Sharing Community feature automates alert sharing between two Collaborate organizations via secure APIs, enabling collaboration and threat knowledge sharing. The following permissions are available in this module:
Create Entity Sharing: Allows users to add new sharing communities using API credentials in Administration > Community Sharing.
Update Entity Sharing: Allows users to activate or deactivate sharing communities and revoke API credentials.
View Entity Sharing: Allows users to view the details of sharing communities.
For more information about sharing community, see Manage Sharing Communities.
Events
You can schedule events through alerts and share invites directly with members or manage event requests from members. The following permissions are available in this module:
View Event Attendance: Allows users to view the responses of members for event attendance on event alerts in Alert Details > Event Attendance of event alerts.
Update Event: Allows users to reject or approve event requests in Main Menu > Event Submissions.
Create Event: Allows users to create alerts from event submissions.
View Event: Allows users to view event requests of members.
For more information on event submissions, see Manage Event Submissions.
Failed Login Details
You can view and audit all the failed login attempts of Member Portal and Analyst Portal users. The following permission is available in this module:
View Failed Login Details: Allows users to view all the failed login attempts in Administration > User Management > Failed Login Details.
For more information about failed login details, see View Failed Login Details.
File Types
You can manage the list of file formats that can be uploaded by members or analysts. The following permissions are available in this module:
View File Extensions: Allows users to view the available file types in Administration > Settings > Other Settings > File Types.
Update File Extensions: Allows users to enable or disable supported file types for the Analyst Portal or the Member Portal.
For more information on file types, see File Types.
Flexera
You can integrate Collaborate with Flexera to poll for information from Flexera and post them as alerts to members. The following permissions are available in this module:
Update Flexera: Allows users to edit Flexera integration in Administration > Integrations > Third Party Integrations > Flexera.
View Flexera: Allows users to view the credentials of Flexera integration.
Create Flexera: Allows users to configure the Flexera integration.
For more information about configuring Flexera integration, see Configure Flexera Integration.
Google Recaptcha Configuration
You can register Collaborate with Google reCAPTCHA service to detect abusive traffic, thereby mitigating the possibility of bots signing in to the application without any user interaction. The following permissions are available in this module:
Update Google Recaptcha Configuration: Allows users to edit the integration credentials in Administration > Integrations > Authentication Method.
View Google Recaptcha Configuration: Allows users to view the configuration details.
For more information on configuring Google reCAPTCHA, see Configure Google reCAPTCHA.
Indicators Allowed
You can classify indicators as safe by adding them to Indicators Allowed. These indicators will be parsed as allowed indicators while creating alerts. The following permissions are available in this module:
Update Indicators Allowed: Allows users to update the status of existing indicators in Main Menu > Indicators Allowed.
Create Indicators Allowed: Allows users to add indicators to the allowed list in Indicators Allowed.
View Indicators Allowed: Allows users to view the list of indicators added to the allowed list in Indicators Allowed.
For more information about allowed indicators, see Allowed Indicators.
Intel 471
You can integrate Collaborate with Intel 471 to poll for information from Intel 471 and post them as alerts. The following permissions are available in this module:
Update Intel 471: Allows users to edit the credentials of the existing configuration in Administration > Integrations > Third Party Integrations > Intel 471.
Create Intel 471: Allows users to configure Intel 471 integration in Intel 471.
View Intel 471: Allows users to view the integration details in Third Party Integrations.
For more information on configuring Intel 471 integration, see Configure Intel 471 Integration.
Intelligence Requirements
You can review and publish an IR submitted by members as well as create IRs in the Analyst Portal. The following permission is available in this module:
View/Create Intelligence Requirements: Allows users to view or create IRs in Intelligence Requirements in the Analyst Portal.
For more information about Intelligence Requirements, see Intelligence Requirements.
Intel Submissions
A member can submit threat intel reports from the Member Portal. You can further share these reports as alerts to all the other members of the organization. The following permissions are available in this module:
Update Intel Submissions: Allows users to create an alert from the intels submitted by members in Intel Submissions.
View Intel Submissions: Allows users to view all the intels submitted by members.
For more information about intel submissions, see Manage Intel Submissions.
Knowledge Base
You can use Knowledge Base to create and store documents such as policies, guidelines, handbooks, or standard operating procedures that are relevant to your organization. The following permissions are available in this module:
Update Knowledge Base: Allows users to edit the documents in Main Menu > Knowledge Base.
Create Knowledge Base: Allows users to create documents in the Knowledge Base.
View Knowledge Base: Allows users to view the documents in the Knowledge Base.
For more information about Knowledge Base, see Knowledge Base.
Knowledge Base Category
You can create Knowledge Base categories to group associated KB articles. The following permissions are available in this module:
View Knowledge Base Category: Allows users to view the categories created to associate with Knowledge Base articles in Administration > Settings > Other Settings > Knowledge Base.
For more information on creating Knowledge Base categories, see Knowledge Base Settings.
Location Selection
You can create and manage the required number of locations in the Collaborate Analyst Portal to send alerts specific to a location or region to members. The following permissions are available in this section:
Create Location: Allows users to add new member locations in Administration > Settings > Member Settings > Location.
Update Location: Allows users to edit the details such as country, state, city, and site address of existing locations in Member Location.
View Location: Allows users to view all the available locations.
For more information about locations, see Member Location.
MCL
Member Contribution Level (MCL) is a factored scoring mechanism that allows you to generate confidence statements for the intel shared by members automatically. The following permissions are available in this section:
View MCL: Allows users to view the settings for MCL in Administration > Settings > MCL Settings.
Update MCL: Allows users to edit the values for Information Accuracy and Source Reliability in Member Contribution Level and the Source Reliability Weight of organizations in Organization Configuration.
For more information about MCL, see Configure MCL Settings.
Member
You can add Collaborate members and manage how they interact with the Member Portal and view sign-ins by members. The following permissions are available in this module:
Update Email Member: Allows users to update the email address of a member in Administration > User Management > Member.
Create Member: Allows users to add members to the Member Portal.
Update Member: Allows users to edit a member's details.
View Member: Allows the users to view the details of existing members.
For more information about onboarding members, see Onboard Members.
Member Portal Login Configuration
You can directly configure the preferred authentication method for the users of the Member Portal. The following permissions are available in this module:
View Member Portal Login Configuration: Allows users to view the authentication methods available for members in Administration > Integrations > Authentication Method > Member Portal.
Update Member Portal Login Configuration: Allows users to edit the configurations of the available authentication methods.
For more information about the Member Portal authentication methods, see Manage Member Portal Authentication.
Microsoft Teams
You can integrate Collaborate with Microsoft Teams to publish alerts as messages in the respective channels. The following permissions are available to use this functionality:
View Microsoft Teams: Allows users to view the integration and the associated details in Administration > Integrations > Third Party Integrations > Microsoft Teams.
Create Microsoft Teams: Allows users to configure a new channel in Microsoft Teams.
Update Microsoft Teams: Allows users to edit the configurations of a channel such as the channel name, webhook URL, status, and more.
Delete Microsoft Teams: Allows users to delete a channel in Microsoft Teams.
For more information on configuring Microsoft Teams, see Configure Microsoft Teams in CSAP.
MISP
You can integrate Collaborate with MISP to post threat intel information to the MISP application. The following permissions are available in this module:
View MISP: Allows users to view the integration and the configured credential details in Administration > Integrations > Third Party Integrations > MISP.
Create MISP: Allows users to add the credentials to configure the integration.
Update MISP: Allows users to update the credentials of the existing configuration.
For more information on configuring MISP integration, see Configure MISP Integration.
Organization
You can classify members according to organizations. Organizations can also be further grouped into organization types and organization levels. This allows users to share alerts quickly with members from selected organizations and organization types. The following permissions are available in this module:
Update Organization: Allows users to edit the details of existing organizations and organization types in Administration > Settings > Member Settings.
View Organization: Allows users to view the available organizations, organization types, and organization levels.
Create Organization: Allows users to create new organizations, organization types, and organization levels.
For more information about organizations, see Member Organization.
Partner Feed
Partner advisories are threat intelligence providers who share real-time cybersecurity advisories to members of Collaborate. The following permissions are available in this module:
Update Partner Feed: Allows users to edit the publishing preferences in Administration > Advisory Management > Partner Advisory.
View Partner Feed: Allows users to view the organizations that are partnered with Cyware in Administration > Advisory Management > Partner Advisory.
For more information about Partner Advisory, see Manage Network Advisories.
Privileged User
Users who have access to the Analyst Portal are designated as privileged users. The following permissions are available in this module:
Update Privileged User: Allows users to update the details of privileged users in Administration > User Management > Privileged User.
Create Privileged User: Allows users to add privileged users to the Analyst Portal.
View Privileged User: Allows users to view the details of existing privileged users.
Update Email Privileged User: Allows users to update the email address of existing privileged users.
For more information about onboarding privileged users, see Onboard Privileged Users.
Readers Report
Analysts can generate detailed reports on alerts viewed by members. These reports include crucial alert information such as alert ID, title, publisher details, publication date, and more. The following permissions are available in this module:
Create Readers Report: Allows users to create custom reports based on a selected date range in Reports > Detailed Alert - Read Status Report.
View Readers Report: Allows users to view the list of users who created readers' reports.
For more information, see Detailed Alert - Read Status Report section in Manage Reports.
Recipient Groups
A recipient group is a group of members who receive information in the form of alerts, Doc Library media, Knowledge Base articles, and others, based on their grouping. The following permissions are available to manage this module:
Create Recipient Groups: Allows users to create public and invite-only recipient groups for members in Administration > Settings > Core Settings > Recipient Groups.
Update Recipient Groups: Allows users to edit the details of existing recipient groups.
View Recipient Groups: Allows users to view the recipient groups available in Collaborate.
For more information about recipient groups, see Recipient Group.
Region
A region refers to a specific geographic area or grouping of countries that share certain characteristics related to cybersecurity. You can use regions to publish alerts specifically to a region. The following permissions are available in this module:
View Region: Allows users to view the available regions in Administration > Settings > Member Settings > Region.
Create Region: Allows users to add new regions.
Update Region: Allows users to update the details and status of existing regions.
For more information about regions, see Create Regions.
Reports
Analysts can use reports to view data related to different modules in the Analyst Portal such as status and breakdown of alerts, device distribution, incident stats, intel submissions, surveys, and personalized keywords in graphical formats. The following permissions are available in this module:
View Graphs: Allows users to visualize data and manage reports in Reports.
For more information about reports, see Reports.
Request For Information
Members can submit Requests for Information (RFIs), facilitating the exchange of insights for optimizing their organization's security posture. As an analyst, you can review these RFIs and publish them as alerts to a larger network. The following permissions are available in this module:
Update Request for Information: Allows users to update the status of an RFI in Main Menu > Request for Info.
View Request for Information: Allows users to view member submissions in Request for Info.
For more information about RFI, see Manage Request for Information.
Request Management
Members can submit requests to join an invite-only recipient group from the Member Portal. Analysts and member admins can approve or reject members' requests to join the invite-only recipient groups. The following permissions are available in this module:
View Requests: Allows users to view a list of requests submitted by members in Main Menu > Request Management.
Accept/Reject Requests: Allows users to accept or reject members' requests to join a group.
For more information about request management, see Request Management.
RSS Feed
RSS feeds are open-source feeds from trusted sources, such as government agencies, security blogs, organizations within the cybersecurity industry, and similar. Members can view data from different RSS feeds to which they subscribe. The following permissions are available in this module:
Update RSS Feed: Allows users to update the status of the advisory sources in Administration > Advisory Management > RSS Advisory.
View RSS Feed: Allows users to view the open-source advisories in RSS Advisory.
Create RSS Feed: Allows users to add new RSS feeds.
For more information about RSS feeds, see Add Custom RSS Advisory Sources.
SMS Configuration
You can integrate Collaborate with SMS gateway services for sharing OTP through SMS. SMS integrations can be used with authentication methods such as LDAP, SAML 2.0, etc., for two-factor authentication. The following permissions are available in this module:
View SMS Configuration: Allows users to view the configuration in Administration > Integrations > Authentication Method > SMS Configuration.
Update SMS Configuration: Allows users to edit configuration details.
For more information about SMS configuration, see Configure SMS Services.
SMTP Configuration
You can configure the email server and enable the application to send emails to the users with invite links, password reset links, notifications, reports, One-Time Passwords (OTPs), and more. The following permissions are available in this module:
View SMTP Configuration: Allows users to view the configuration in Administration > Integrations > Authentication Method > SMTP Configuration.
Update SMTP Configuration: Allows users to edit configuration details.
For more information about SMTP configuration, see Configure SMTP Server.
Special Handling
Alerts with special handling flags help users share priority alerts with members by allowing them to stand out from other alerts. The following permissions are available in this module:
Create Special Handling: Allows users to create new special handling records in Administration > Settings > Alert Settings > Special Handlings.
View Special Handling: Allows users to view the special handling records.
Update Special Handling: Allows users to edit the details and status of existing special handling records.
For more information about special handling, see Special Handlings.
Survey
You can use surveys to create, send, and collect responses from members about their opinions, behavior, or knowledge of threats and incidents. The following permissions are available in this module:
Can View All Survey: Allows users to view all the surveys submitted by their organization in Main Menu > Survey.
Can Publish Survey: Allows users to publish surveys.
Can Expire Published Survey: Allows users to expire published surveys.
Can Expire Unpublished Survey: Allows users to expire surveys that are saved as drafts.
Can Submit Survey: Allows users to submit surveys to publishers.
Can Schedule Survey: Allows users to schedule the publish time of the survey.
Can View Survey: Allows users to view the list of surveys.
Can Draft Survey: Allows users to save surveys as drafts.
Can Send Survey Draft Notification: Allows users to send push notifications and survey email notifications to the respondents while publishing alerts.
For more information about surveys, see Gather Opinions with Surveys.
Survey Request
Members can request a survey from analysts to include information on threats, vulnerabilities, malware, and more. You can review and publish submitted surveys. The following permissions are available in this module:
Update Survey Request: Allows users to accept or reject survey requests in Main Menu > Survey > Survey Requests.
View Survey Request: Allows users to view the surveys requested by members.
For information about managing survey requests, see Publish a Requested Survey.
Tag Library
Tags are text labels that you can assign to Collaborate components such as alerts, intel reports, Doc Library files, and more. Collaborate contains a distinct tag library that allows you to save and access various types of tags. The following permission is available in this module:
View Tag Library: Allows users to view various types of tags in Main Menu > Tag Library.
For more information about Tag Library, see Tag Library.
Terms of Use
Collaborate lets you manage a user agreement displayed on the Member Portal login page. As an analyst, you can customize it to match your organization's policies. The following permissions are available in this module:
View Terms of Use: Allows users to view the terms of use content in Administration > Settings > Other Settings > Terms of Use.
Update Terms of Use: Allows users to edit the content in Terms of Use.
For more information about managing terms of use, see Terms of Use.
Theme Settings
You can use the Theme Settings to customize the logo and theme for the Member Portal web and mobile applications. The following permissions are available in this module:
View Theme Settings: Allows users to view the settings to customize logo and theme in Administration > Settings > Theme Settings.
Update Theme Settings: Allows users to upload images for the logo and edit the themes in Member Portal web and mobile applications.
For more information about theme settings, see Theme Settings.
Threat Assessment
You can use threat assessments to get a pulse of how many members were impacted by a vulnerability, malware, or threat activity. The following permissions are available in this module:
Create Threat Assessment: Allows users to create new threat assessment templates in Administration > Settings > Alert Settings > Threat Assessment.
View Threat Assessment: Allows users to view the threat assessment settings in Administration > Settings > Alert Settings > Threat Assessment.
Update Threat Assessment: Allows users to edit the details and status of existing threat assessment templates.
For more information about threat assessments, see Threat Assessment.
Threat Assessment SLA
SLAs allow analysts to send automatic reminders at specified time intervals to members to respond to threat assessments. The following permissions are available in this module:
View Threat Assessment SLA: Allows users to view the Threat Assessment SLA settings in Administration > Settings > Alert Settings > Threat Assessment > SLA.
Create Threat Assessment SLA: Allows users to create new threat assessment SLAs.
Update Threat Assessment SLA: Allows users to edit the existing details and status of threat assessment SLAs.
For more information about threat assessment SLA, see Threat Assessment SLA.
Threat Defender Library
Threat Defender Library (TDL) is a repository that allows security analysts to store and share content with analysts and members for threat detection, analysis, and response. The following permissions are available in this module:
View Content: Allows users to view the TDL content in Threat Defender Library.
Create Content: Allows users to create TDL content.
Expire Published Content: Allows users to expire TDL content.
For more information about TDL, see Threat Defender Library.
Threat Intel Attributes
Use Intel Sharing Handling to create organization charts representing partners and entities for threat intel sharing. Members can select or unselect partners and entities while reporting a threat intel. The following permissions are available in this module:
Create Threat Intel Fields: Allows users to add partners and their entities in Administration > Settings > Report Settings > Intel Sharing Handling.
Update Threat Intel Fields: Allows users to update the details of existing partners.
View Threat Intel Fields: Allows users to view the available partners and their respective entities in Intel Sharing Handling.
Threat Level
Analysts can configure and use threat levels to display any important information such as current malicious cyber activity, potential or actual damage caused by the threats, and so on from the Analyst Portal. The following permissions are available in this module:
Update Threat Level: Allows users to edit the details of existing threat levels in Administration > Settings > Other Settings > Threat Levels.
View Threat Level: Allows users to view the available threat level configurations in Threat Levels.
Create Threat Level: Allows users to add new threat levels.
For more information about threat levels, see Threat Levels.
Threat Stream
You can integrate Collaborate with Threat Stream to post threat intel information to the Threat Stream application. The following permissions are available in this module:
Update Threat Stream: Allows users to update the credentials of the existing configuration in Administration > Integrations > Third Party Integrations.
View Threat Stream: Allows users to view the configuration.
For more information about configuring Threat Stream integration, see Configure Threat Stream Integration.
TLP
The Traffic Light Protocol (TLP) is a set of designations that ensure sensitive information is correctly shared with the appropriate recipients. The following permissions are available in this module:
Update TLP: Allows users to edit the summary of different TLP levels in Administration > Settings > Other Settings > TLP.
View TLP: Allows users to view the different TLP levels.
For more information about TLP, see Traffic Light Protocol (TLP).
TLP Control
Analysts can set preferences to automatically show and hide details such as summary, image, optional fields, and attachments in the alert email, or RFI email, based on the selected TLP color. The following permissions are available in this module:
View TLP Control: Allows users to view the TLP preferences in Administration > Settings > Alert Settings > TLP Controls.
Update TLP Control: Allows users to edit the preferences to automatically show and hide details in the alert or RFI email.
For more information about TLP control, see TLP Controls.
Trusted Sharing Community
The Sharing Community feature automates alert sharing between two Collaborate organizations via secure APIs, enabling collaboration and threat knowledge sharing. The following permissions are available in this module:
Create Sharing Community: Allows users to create rules to automate alert sharing and receiving in Administration > Community Sharing > Rules.
View Sharing Community: Allows users to view the details of configured rules.
Update Sharing Community: Allows users to update the details of existing rules.
For more information about rules, see Rules