Generic CFTR FAQs
Yes. When you search for a keyword in the global search or module-level search, the search scans all the text fields, such as titles, descriptions, and more, to retrieve records that contain the entered keyword, even if it's only a partial match. For example, if you search for CVE- (you must enter a minimum of 3 characters), the global search returns all the records that include the keyword in any text field across all modules. This helps you find relevant results without requiring the exact title or description.
Note
This feature is available in Respond v3.4.6 onwards. To enable Global and Module-level Search, contact Cyware Support.
You can click Forgot Password? on the sign-in page to reset your password. To allow password reset from the sign-in page, administrators must enable the Forgot Password setting for the Username/Password authentication method. If you do not see Forgot Password?, contact your administrator to reset the password.
Yes. CFTR admins can restrict or allow users of one Business Unit (BU) from accessing another BU data by removing or adding BUs in the Allowed Business Units section of individual users. To update the Allowed Business Units of a user, go to Admin Panel > User Management and click Edit Profile of a user.
Yes. After applying filters on the listing page, if you are signed out from CFTR or CFTR application refreshes, you can view the applied filters when you sign in again. You can also save the filters under SAVED SEARCHES.
You can check the updates to a record from the Activity Logs of the component. Open the records listing page of a component and click Activity Logs on the top-right corner.
You can follow a record to receive notifications when the record is updated. To follow a record, on the component listing page, click the Follow icon next to the record title.
Add labels to the records to classify the records of a component. If the required label is not available in the Labels drop-down list, contact your CFTR admin.
You can track any type of operation that takes a long time to process in the Background Process, for example, exports, bulk exports, advanced exports, and imports of devices and users.
Yes. You can enable Role based access control of Playbooks in Admin Panel > Configurations > Orchestrate Integration. For more information, see Configure RBAC for Orchestrate Playbooks section in Configure Role-Based Access Control (RBAC) in CFTR.
A bot user is used to define the permissions of an open API. An open API has the same permissions as the user group of the associated bot user. For example, if a bot user has View permission for incidents, the associated open API can retrieve incident data but not modify incidents.
You cannot view the data of a tenant if you are not a user of the tenant. To view the data, contact the admin to add you to the tenant.
Admins can define the permissions for a user group to control user access to various features and functionalities in Admin Panel > User Groups Management. For more information, see Configure Role-Based Access Control (RBAC) in CFTR. There are three types of permissions for every feature:
No Access: The users of the user group do not have permission to view the feature.
View: The users of the user group have read-only access to the feature.
Create/Update: The users of the user group have the create and update access to the feature.
Can I update the username of a user?
No. You cannot update the username of a user in User Management. If the email ID of a user has changed, you can update the email ID of the user. If updating the email ID does not solve the issue, you can create a new user.
The widget names must be unique. If you have added custom widgets with duplicate names, rename one of the widgets with a unique name from the widget library.
You can update the name of the Incident module only. For more information, see Update Incident Module Name.
The administrator must configure and enable the Google Maps integration to render the world map in the widgets.
Ensure that the Google Maps API key is valid, not expired, and is assigned with the required permissions. For more information, see Generate Google Maps API Key.
No. You cannot deactivate the out-of-the-box user groups. The out-of-the-box user groups are:
SOC Manager
Sr. Management
Threat Intel Analyst
IR Manager
Forensic Investigator
Incident Responder
SOC Analyst
CFTR Admin
No. You cannot delete an asset (devices, users, software, and applications) from Respond. As a best practice, configure the unique fields for the asset modules and then import them. For more information, see Configure Unique Fields for Assets.