Secberus allows you to invite team members to view and contribute to organizations in your account. Using the role-based access control (RBAC) method of regulating access, users are assigned roles within an organization to grant only the amount of access needed to perform their jobs. (See managing user access for more information.)
For customers that need to provide a more granular level of access, Secberus includes the ability to create custom roles via access policies, utilizing the attribute-based access control (ABAC) method.
To create a user, first navigate to the Secberus Admin by clicking Manage account in the Organization Select Menu.
Then select the Users item in the sidebar.
Click the + New user button to bring up the setup screen.
Include the new user's first name, family or last name, and email address, then hit Create.
Once the user account is created, the user will need to be assigned a role(s) in order to access one or more organizations.
The user will receive an email with instructions to sign into their account. They will be able to view/manage organizations based on the roles they are assigned.
Only users with the role account owner, can create, edit, and remove users. By default, your Secberus account will be set up with one organization and one user that has the role of account owner. There can be multiple users with the account owner role within a Secberus account.
To manage the access permissions for a user, navigate to the user settings page by navigating to the Secberus Admin and selecting the Users item.
Click on the user you would like to manage access for.
Click the + Add permissions button to bring up the Add permissions configuration or check the Account owner checkbox to give the user unrestricted access to your Secberus account.
Choose the Organizations the user should have access to, and then select the Roles the user should have for those specific organizations. See Predefined roles for a detailed list of access roles and permissions, or you can create custom roles.
You can use multiple Roles together to determine a user's access to each organization.
The following roles are available for organization access.
|View risk posture, compliance, and overview dashboards||x||x||x||x|
|View data sources||x||x||x||x|
|Create, edit, and delete data sources||x||x|
|View policy details||x||x||x||x|
|Create, edit, and delete policies||x||x||x|
|View, create, edit, and delete policy exceptions||x||x||x|
|View, create, edit, and delete policy categories||x||x|
|Enable/disable policy frameworks||x||x|
|Mark violations as exceptions||x||x||x|
|Create, edit, and delete workflows||x||x|
|Create, edit, and delete integrations||x||x|
|Create, edit, and delete reports||x||x|
|View activity log||x|
|Organizations and User management|
|View, create, edit, and delete organizations||x|
|Create, edit, and delete users||x|
|Manage user access||x||x|
Updated 3 days ago