Groups Permission
- Borja Moro Moreno
Devo SOAR provides the following permissions, along with a description of each permission type, as well as the category to which it belongs.
Administrative Permissions
Permission | Description | Type |
|---|---|---|
User Management | Allows you to manage people who can use Devo SOAR. | List: This allows you to view the entities created by you and those that are shared with you. |
Create: This allows you to view the entities created by you, those that are shared with you, and create new entities. Also, allows you to manage users and groups. | Â | Â |
Admin: This allows you to view or edit all the entities created by any user and also create new entities. Can also use the single sign-on option and all other permissions of create. | Â | Â |
Platform Permissions
Permission | Description | Type |
|---|---|---|
Kibana | Allows you to use the Devo SOAR SIEM platform for querying your data sources. | Access: Allows users to access Kibana. |
Content Permissions
Permission | Description | Type |
|---|---|---|
Case Management | Allows you to track activity related to investigations of threats and other security issues. | Admin: All users that have permission on a case type can view and edit fields, tasks or comments. |
User: User of Case Management need to be assigned permission to individual case types to view/edit that case type. | Â | Â |
Connection | Allows you to import data into Devo SOAR from SIEMs, Elastic Search, File, or a Directory. | List: Allows you to view and manage permissible connections. |
Create: Allows you to create a new connection and all the List permissions. | Â | Â |
Admin: Allows you to view, create, and manage all permissions on all connections in your organization. | Â | Â |
Integration Connection | Allows you to exchange data/automate actions in supported third-party applications. | List: Allows you to view and manage integration instances. |
Create: Allows you to create a new integration instance and all the List permissions. | Â | Â |
Admin: Allows you to view, manage, and create all permissions on all integration instances in your organization. | Â | Â |
Dashboard | Allows you to visualize data from Playbooks or Files. | List: Allows you to view and manage permissible dashboards. |
Create: Allows you to create a new dashboard and all the List permissions. | Â | Â |
Admin: Allows you to view, create, and manage all permissions on all dashboards in your organization. | Â | Â |
Playbook | Codifies a security analyst's intelligence to analyze the imported data. | List: Allows you to view and manage permissible playbooks. |
Create: Allows you to create playbooks and all the List permissions. | Â | Â |
Admin: Allows you to view or edit all the entities created by any user and also create new entities. | Â | Â |
Command | This is a type of playbook that executes on-demand based on inout arguments. | List: Allows you to view and manage permissible commands. |
Create: Allows you to create a command and all the List permissions. | Â | Â |
Admin: Allows you to view, create, and manage all permissions on all commands in your organization. | Â | Â |
Event Type | This is a query to import data into Devo SOAR from a connection. | List: Allows you to view and manage permissible event types. |
Create: Allows you to create a new event type and all the List permissions. | Â | Â |
Admin: Allows you to view, create, and manage all permissions on all event types in your organization. | Â | Â |
Destination | Receives the results of playbooks to a connection. | List: Allows you to view and manage permissible destinations. |
Create: Allows you to create a new destination and all the List permissions. | Â | Â |
Admin: Allows you to view, create, and manage all permissions on all destinations in your organization. | Â | Â |
Custom List | Stores and reuses the data from any playbook in others. | List: Allows you to view and manage permissible custom list. |
Create: Allows you to create a new custom list and all the List permissions. | Â | Â |
Admin: Allows you to view, create, and manage all permissions on all custom list in your organization. | Â | Â |
Stream | Automates your playbook by executing it in batches at preset intervals. | List: Allows you to view and manage permissible streams. |
Create: Allows you to create a new stream and all the List permissions. | Â | Â |
Admin: Allows you to view, create, and manage all permissions on all streams in your organization. | Â | Â |
Baseline | Serves as a reference of normal IT activities. Can be created from and used in playbooks. | List: Allows you to view and manage permissible baselines. |
Create: Allows you to create a new baseline and all the List permissions. | Â | Â |
Admin: Allows you to view, create, and manage all permissions on all baselines in your organization. | Â | Â |
User Form | Request input from users and automatically include the responses in a case or playbook | List: Allows you to view and manage permissible User Forms. |
Create: Allows you to create a new User Form and all the List permissions. | Â | Â |
Admin: Allows you to view, create, and manage all permissions on all User Forms in your organization. | Â | Â |