User Groups Permission Set
CTIX offers Admin and Read-Only groups by default.
Admin: The Admin user group has permissions to all Intel Exchange features. Assigning this group to any user will grant them complete permissions to all Intel Exchange features. You can duplicate the default Admin user group and modify it to assign different levels of permissions.
Read-Only: The read-only user has permission to view a limited set of features in Intel Exchange. In addition to this, Read-only users can also create private saved search and private report schedules. For more information about Read-only groups, see Read-Only Group Permission Set.
You can also create custom user groups and set the following permissions:
View: You can define permissions to view the data of the feature. If you do not give view permissions, the whole feature is hidden in the application user interface and not visible to the users.
Create: You can define permissions to create an entity(Object) of the feature.
View & Update: You can define permissions to view and update existing data of the feature. The users can not add or create a new entity of this feature.
Enable Delete for All: After you set up permissions, you can enable this option and set the delete permissions for some features in your user group.
See the following table to understand how the permissions are mapped to features of CTIX.
User Group Permission | View | Create | View &Update | Feature Accessibility |
---|---|---|---|---|
Dashboards | Yes | Yes | Yes | Main Menu > Monitor & Measure > Dashboards |
Reports | Yes | Yes | Yes | Main Menu > Monitor and Measure > Reports |
Threat Data | Yes | NA | NA | Main Menu > Collections > Threat Data |
Threat Mailbox | Yes | Yes | Yes | Main Menu > Collections > Threat Mailbox |
Threat Bulletin | Yes | Yes | Yes | Main Menu > Collections > Threat Bulletin |
RSS Feeds | Yes | NA | NA | Main Menu > Collections > RSS Feeds |
Threat Investigations | Yes | Yes | Yes | Main Menu > Analysis > Threat Investigations |
ATT&CK Navigator | Yes | Yes | Yes | Main Menu > Analysis > ATT&CK Navigator |
Encode - Decode: Base64 | Yes | Yes | Yes | Main Menu > Analysis > Analyst Workbench > Encode - Decode: Base64 |
CVSS Calculator | Yes | NA | NA | Main Menu > Analysis > Analyst Workbench > CVSS Calculator |
Fang-Defang | Yes | NA | NA | Main Menu > Analysis > Analyst Workbench > Fang-Defang |
STIX Conversion | Yes | NA | NA | Main Menu > Analysis > Analyst Workbench > STIX Conversion |
Network Utilities | Yes | NA | NA | Main Menu > Analysis > Analyst Workbench > Network Utilities |
Rules | Yes | Yes | Yes | Main Menu > Actions > Rules |
Tasks | Yes | Yes | Yes | Main Menu > Actions > Global Tasks |
Create Intel | Yes | Yes | Yes | Main Menu > Dissemination > Detailed Submission |
Indicators Allowed | Yes | Yes | Yes | Main Menu > My Org > Indicators Allowed |
Watchlists | Yes | Yes | Yes | Main Menu > My Org > Watchlists |
Tags | Yes | Yes | Yes | Administration > Tag Management |
Enrichment Management | Yes | Yes | Yes | Administration > Enrichment Management |
Audit Logs | View Configuration Logs View Subscriber Logs View User Activity Logs | NA | NA | Administration > Audit Log Management |
Organization Type | Yes | Yes | Yes | Administration > Organization Type |
User Listing | Yes | Yes | Yes | Administration > User Management > User Listing |
User Group | Yes | Yes | Yes | Administration > User Management > User Group |
Feed Sources | Yes | Yes | Yes | Administration > Integration Management > Feed Sources |
Configuration | Yes | Yes | Yes | Administration > Configuration |
Subscribers | Yes | Yes | Yes | Administration > Integration Management > Feed Consumers > Subscribers |
Spokes/Subsidiaries | Yes | Yes | Yes | Administration > Integration Management > Feed Sources > Spokes/Subsidaries |
Tool Integrations | Yes | Yes | Yes | Administration > Integration Management > Tool Integrations |
CTIX Integrators | Yes | Yes | Yes | Administration > Integration Management > Tool Integrations |
License Management | Yes | Yes | Yes | Administration > License Management |
Certificates | Yes | Yes | Yes | Administration > Certificates |
STIX Collections | Yes | Yes | Yes | Administration > STIX Collections |
Confidence Score | Yes | Yes | Yes | Administration > Confidence Score |
Notes | Yes | Yes | Yes | Main Menu > Collections > Global Notes |
Web Scrapper | Yes | NA | NA | Administration > Integration Management > Feed Sources > Web Scrapper |
Browser Extension | Yes | NA | NA | Administration > Integration Management > Third Party Developers > Browser Extension |
API Feeds | Yes | NA | NA | Administration > Integration Management > Feed Sources > APIs |
Webhooks | Yes | NA | NA | Administration > Integration Management > Feed Sources > Webhooks |
Import Intel | Yes | Yes | NA | New > Import Intel |
Quick Intel | Yes | Yes | NA | New > Quick Add Intel |
Custom Entities Management | Yes | Yes | Yes | Administration > Custom Entities Management |
Enable Delete for All | Associate Delete permissions with certain features. | NA | NA | Include delete permissions for the following features:
|
Read-Only Group Permission Set
The following table shows the permissions that can be assigned to a custom read-only group.
User Group Permission | View | Create | Exclusions | Feature Accessibility |
---|---|---|---|---|
Dashboards | Yes | No | Feeds ROI Dashboard, Rules Dashboard | Main Menu > Monitor & Measure > Dashboards |
Reports | Yes | Yes (Private and visible only to the creator) | Main Menu > Monitor and Measure > Reports | |
Enrichment Management | Yes | No | Main Menu > Collections > Threat Data | |
Threat Data | Yes | No | Tasks, Notes | Main Menu > Collections > Threat Data |
Threat Bulletin | Yes | No | Main Menu > Collections > Threat Bulletin | |
RSS Feeds | Yes | No | Main Menu > Collections > RSS Feeds | |
ATT&CK Navigator | Yes | No | Main Menu > Analysis > ATT&CK Navigator | |
Analyst Workbench | Yes | No | Main Menu > Analysis > Analyst Workbench > Network Utilities | |
Indicators Allowed | Yes | No | Main Menu > My Org > Indicators Allowed | |
Tags | Yes | No | Administration > Tag Management |