Permission Management in the Cortex Gateway - Administrator Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
8
Creation date
2024-02-14
Last date published
2024-06-17
Category
Administrator Guide
Solution
Cloud
Abstract

Cortex XSOAR enables you to manage roles and permissions for a single tenant or a number of tenants at the same time in the Cortex Gateway.

You can use the Permission Management in the Cortex Gateway to view and manage tenants, role-based access control (RBAC) and user-group settings across all products.

You can set permission levels. Each product includes their own components.

You can manage roles and permissions for a single tenant or a number of tenants at the same time by clicking Permission Management in the Cortex Gateway. This is usually used after activating for the first time. For detailed information about the permission levels in Cortex XSOAR, see Role-based Permission Levels.

Note

  • To create and assign roles, you must first activate your Cortex XSOAR tenant and be assigned an Account Admin role in the Cortex Gateway.

  • If you are managing more than one CSP account, in the ACCOUNT NAME field, select the account you want to display. If you only manage one CSP account, Cortex XSOAR only displays the roles available on your tenant.

  • Groups and Group Roles can only be configured in Cortex XSOAR.

Permission Management is divided into the following sections:

Permissions

In the Permissions tab you can view permissions by either users or tenants.

  • In the Users tab, you can view all the users allocated to a specific Customer Support Portal (CSP) account. If a user is not listed, ensure that the user is added to the Customer Support Portal. The Permissions table provides information such user name, email, groups, tenants, roles, etc. You can manage each user by updating their roles and deleting their permissions.

  • In the Tenants tab, you can view each tenant and the users who have access. You can manage each tenant by updating permissions and editing the roles and available users.

You can select whether to Show User Subset to display only the users who are not designated as Hidden users (default). For example, this is useful when you have users who are not related to Cortex XSOAR and will not be designated with a Cortex XSOAR role, such as CSP Super Users, and you want to hide them from the list.

You can do the following by either right clicking the relevant user or clicking the pencil located to the right of the row:

  • Add Permissions. In the Add Permissions window, select from the list of Available Tenants for which you want to grant permissions. Add the roles as required.

  • Update Permissions: In the Update Permissions window, select a role from either the Default Roles or Custom Roles you want to assign the user and Update the role.

  • Remove Permissions: Remove any required permissions. You cannot deactivate a user that has an Account Admin role.

  • Hide Users: Locate the user you want to hide, right-click, and select Hide User. When a user is designated as hidden, the user is no longer displayed in the Permissions table when the table is configured to Show User Subset (default configuration).

Roles

Lists the pre-defined user roles and custom-defined roles. Use roles to assign specific view and action access privileges to administrative user accounts. Configure administrative access to suit the security requirements of your organization. The built-in roles provide specific access rights that cannot be changed. The roles you create provide more granular access control. You can define new roles or edit existing roles. You can see who created the role and in the TENANT field, where the role was created (Cortex Gateway or the tenant).

You can do the following:

  • Copy an existing role: Locate the predefined role that you want to base your custom role on, right-click and select Save As New Role. Add the details as required.

  • Create a new role: Select New Role and add the required details.

  • Edit role permissions (only available for roles you create): Locate the custom role you want to edit, right-click and select Edit Role.