User Groups Permission Set

Cyware Threat Intelligence eXchange

User Groups Permission Set

CTIX offers Admin and Read-Only groups by default.

Admin: The Admin user group has permissions to all Intel Exchange features. Assigning this group to any user will grant them complete permissions to all Intel Exchange features. You can duplicate the default Admin user group and modify it to assign different levels of permissions.
Read-Only: The read-only user has permission to view a limited set of features in Intel Exchange. In addition to this, Read-only users can also create private saved search and private report schedules. For more information about Read-only groups, see Read-Only Group Permission Set.

You can also create custom user groups and set the following permissions:

View: You can define permissions to view the data of the feature. If you do not give view permissions, the whole feature is hidden in the application user interface and not visible to the users.
Create: You can define permissions to create an entity(Object) of the feature.
View & Update: You can define permissions to view and update existing data of the feature. The users can not add or create a new entity of this feature.
Enable Delete for All: After you set up permissions, you can enable this option and set the delete permissions for some features in your user group.

See the following table to understand how the permissions are mapped to features of CTIX.

User Group Permission	View	Create	View &Update	Feature Accessibility
Dashboards	Yes	Yes	Yes	Main Menu > Monitor & Measure > Dashboards
Reports	Yes	Yes	Yes	Main Menu > Monitor and Measure > Reports
Threat Data	Yes	NA	NA	Main Menu > Collections > Threat Data
Threat Mailbox	Yes	Yes	Yes	Main Menu > Collections > Threat Mailbox
Threat Bulletin	Yes	Yes	Yes	Main Menu > Collections > Threat Bulletin
RSS Feeds	Yes	NA	NA	Main Menu > Collections > RSS Feeds
Threat Investigations	Yes	Yes	Yes	Main Menu > Analysis > Threat Investigations
ATT&CK Navigator	Yes	Yes	Yes	Main Menu > Analysis > ATT&CK Navigator
Encode - Decode: Base64	Yes	Yes	Yes	Main Menu > Analysis > Analyst Workbench > Encode - Decode: Base64
CVSS Calculator	Yes	NA	NA	Main Menu > Analysis > Analyst Workbench > CVSS Calculator
Fang-Defang	Yes	NA	NA	Main Menu > Analysis > Analyst Workbench > Fang-Defang
STIX Conversion	Yes	NA	NA	Main Menu > Analysis > Analyst Workbench > STIX Conversion
Network Utilities	Yes	NA	NA	Main Menu > Analysis > Analyst Workbench > Network Utilities
Rules	Yes	Yes	Yes	Main Menu > Actions > Rules
Tasks	Yes	Yes	Yes	Main Menu > Actions > Global Tasks
Create Intel	Yes	Yes	Yes	Main Menu > Dissemination > Detailed Submission
Indicators Allowed	Yes	Yes	Yes	Main Menu > My Org > Indicators Allowed
Watchlists	Yes	Yes	Yes	Main Menu > My Org > Watchlists
Tags	Yes	Yes	Yes	Administration > Tag Management
Enrichment Management	Yes	Yes	Yes	Administration > Enrichment Management
Audit Logs	View Configuration Logs View Subscriber Logs View User Activity Logs	NA	NA	Administration > Audit Log Management
Organization Type	Yes	Yes	Yes	Administration > Organization Type
User Listing	Yes	Yes	Yes	Administration > User Management > User Listing
User Group	Yes	Yes	Yes	Administration > User Management > User Group
Feed Sources	Yes	Yes	Yes	Administration > Integration Management > Feed Sources
Configuration	Yes	Yes	Yes	Administration > Configuration
Subscribers	Yes	Yes	Yes	Administration > Integration Management > Feed Consumers > Subscribers
Spokes/Subsidiaries	Yes	Yes	Yes	Administration > Integration Management > Feed Sources > Spokes/Subsidaries
Tool Integrations	Yes	Yes	Yes	Administration > Integration Management > Tool Integrations
CTIX Integrators	Yes	Yes	Yes	Administration > Integration Management > Tool Integrations
License Management	Yes	Yes	Yes	Administration > License Management
Certificates	Yes	Yes	Yes	Administration > Certificates
STIX Collections	Yes	Yes	Yes	Administration > STIX Collections
Confidence Score	Yes	Yes	Yes	Administration > Confidence Score
Notes	Yes	Yes	Yes	Main Menu > Collections > Global Notes
Web Scrapper	Yes	NA	NA	Administration > Integration Management > Feed Sources > Web Scrapper
Browser Extension	Yes	NA	NA	Administration > Integration Management > Third Party Developers > Browser Extension
API Feeds	Yes	NA	NA	Administration > Integration Management > Feed Sources > APIs
Webhooks	Yes	NA	NA	Administration > Integration Management > Feed Sources > Webhooks
Import Intel	Yes	Yes	NA	New > Import Intel
Quick Intel	Yes	Yes	NA	New > Quick Add Intel
Custom Entities Management	Yes	Yes	Yes	Administration > Custom Entities Management
Enable Delete for All	Associate Delete permissions with certain features.	NA	NA	Include delete permissions for the following features: Dashboards Reports Threat Mailbox ATT&CK Navigator Rules Indicators Allowed Watchlists Tag Management Enrichment Management User Listing Feed Sources Tool Integrations CTIX Integrators Notes

Read-Only Group Permission Set

The following table shows the permissions that can be assigned to a custom read-only group.

User Group Permission	View	Create	Exclusions	Feature Accessibility
Dashboards	Yes	No	Feeds ROI Dashboard, Rules Dashboard	Main Menu > Monitor & Measure > Dashboards
Reports	Yes	Yes (Private and visible only to the creator)		Main Menu > Monitor and Measure > Reports
Enrichment Management	Yes	No		Main Menu > Collections > Threat Data
Threat Data	Yes	No	Tasks, Notes	Main Menu > Collections > Threat Data
Threat Bulletin	Yes	No		Main Menu > Collections > Threat Bulletin
RSS Feeds	Yes	No		Main Menu > Collections > RSS Feeds
ATT&CK Navigator	Yes	No		Main Menu > Analysis > ATT&CK Navigator
Analyst Workbench	Yes	No		Main Menu > Analysis > Analyst Workbench > Network Utilities
Indicators Allowed	Yes	No		Main Menu > My Org > Indicators Allowed
Tags	Yes	No		Administration > Tag Management

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.

Cyware Threat Intelligence eXchange

User Groups Permission Set

Read-Only Group Permission Set

Search results