Roles management - Administrator Guide - 8.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR On-prem Documentation

Product
Cortex XSOAR
Version
8.5
Creation date
2024-03-10
Last date published
2025-01-15
Category
Administrator Guide
Solution
On-prem
Abstract

Configure roles in the Cortex XSOAR tenant.

You can assign the following permissions to various components in Cortex XSOAR:

Permission

Description

None

No access to the specified component.

View

View, but not edit the specified component.

View/Edit

View and edit the specified component.

Out-of-the-box roles

Cortex XSOAR includes the following out-of-the-box roles:

Role

Type

Description

Account Admin

Predefined

The user who supplied their credentials when installing Cortex XSOAR is assigned the Account Admin role. This user has view/edit permissions for all components and access to all pages in the Cortex XSOAR tenant (the same view/edit permissions as the Instance Administrator). You cannot create additional Account Admin roles in Cortex XSOAR.

You cannot edit this role. You can copy the role by saving it as a new role and then change permissions.

Instance Administrator

Predefined

View/edit permissions for all components and access to all pages in the Cortex XSOAR tenant. The Instance Administrator can also assign the Instance Administrator role to other users on the tenant. If the application has predefined or custom roles, the Instance Administrator can assign those roles to other users.

You cannot edit this role. You can copy the role by saving it as a new role and then change permissions.

Analyst

Custom

A mix of view and view/edit permissions for all components and access to all pages in the Cortex XSOAR tenant.

Read-Only

Custom

Read permissions for all components and pages in the Cortex XSOAR tenant.

Note

By default, users do not have roles assigned. If no direct or user group role has been assigned, users have no permission to view or edit data in Cortex XSOAR.

Next steps

Before you start creating or customizing roles, do the following:

  • Review the Role-based permissions topic.

  • Decide whether you want to assign roles to users directly or through membership in user groups (recommended) in the Cortex XSOAR tenant.