Every user is assigned to a role that has permissions. The following tables describe the available permissions by feature or category.
Tip: For Kubernetes roles and permissions, see: Using and Creating Roles for Containers.
|Close selected alerts.
|Manage Alerts, Notes, and Tags
|Add, edit, and delete alerts, notes, and tags.
|Add, edit, and delete notifications.
|View Alerts, Notes, and Tags
|View and search alerts, notes, and tags.
|Access and view content on the Notifications page.
|Register workload appliances and send workload assets to Carbon Black Cloud.
|Register the Carbon Black Cloud workload appliance and send the workload inventory data on the Inventory > VM Workloads page. You must have appliance credentials to register the appliance with Carbon Black Cloud.
|View Appliance Details
|After registration of the Carbon Black Cloud workload appliance, view the appliance details on the Settings > API Access > API Keys page.
|Request Updated Compliance Data
|Request updated compliance data.
|View and Export Compliance Data
|View and export compliance data.
|View Container Security
|View and search container context in events and alerts.
|Manage Watchlist Feeds
|Enable or disable reports and IOCs from watchlists curated by Carbon Black and third parties.
|Add, edit, and delete custom watchlists, related reports, and IOCs. Subscribe and unsubscribe from watchlists curated by Carbon Black and third parties.
|View Watchlist Feeds
|View all watchlists; custom and curated by Carbon Black and third parties.
|View the Watchlists page and all available watchlists.
|Turn on/off blocking on the Policies page. Manage Policies is required to change policy settings.
|Manage External Devices
|Review external devices, create approvals for specific or multiple USB devices, and manage approvals.
|View External Devices
|View USB Devices page and all the detected external devices.
|Enable or disable background scan on a device.
|Enable or disable bypass mode on a device.
|Change Backend Server
|Change backend server.
|Deregister and Delete Sensors
|Manage deregistration and uninstall settings for sensors.
|Export Device Data
|Export device data to a CSV.
|Get and Delete a Hash from Specified Devices
|Upload and delete a hash from devices.
|Manage Device Assignments
|Assign policies to devices.
|Add and delete device owners; send activation codes. Download and update sensors and signature versions.
|Add, edit, and delete groups.
|Enable or disable quarantined state on a device.
|View Devices and Groups
|View device and group information.
|Delete uploaded reputation files.
|Manage Reputations and Auto-Banned List
|Add, edit, and delete reputations. Configure auto-banned list settings.
|View and search reputations; view auto-banned list settings.
|Manage Host Based Firewall Rules
|Add, edit, delete, and enforce Host-based Firewall rules.
|Use filters and search capability on the Investigate page.
|Export Event Data
|Export event data from the Investigate page to a CSV.
|Use Live Query
|Use all Live Query capabilities. Create, execute, and view query results.
|View Live Query
|View query results.
|Dump Memory and Remove Live Response
|Dump kernel memory and permanently remove Live Response from the asset.
|Execute Live Response Processes
|Execute processes on the remote asset.
|Use Live Response
|Initiate Live Response sessions, modify files and registry, and stop processes.
|View Live Response
|Initiate Live Response sessions, view files, registry, and processes.
|Download Sensor Kits
|Download and update sensor and signature version kits. User Interface requires the View Devices and Sensor Groups permission.
|Export Dashboard Data
|Export dashboard data to a CSV.
|Manage Data Forwarders
|Manage configuration settings for data forwarders.
|Manage Organization Information and Codes
|Create organization settings; set registry key and reset company registration codes.
|View and Export Audit Logs
|View and search audit logs; export audit log data to CSV.
|View Data Forwarders
|View the Data Forwarder page and all data forwarders.
|View Organization Information and Codes
|View organization settings, registry key, and company registration codes.
|Add, edit, and delete policies.
|Manage Public Cloud Accounts
|Manage public cloud accounts.
|View Public Cloud Accounts
|View public cloud accounts.
|View Public Cloud Inventory
|View public cloud inventory.
|Request Updated Vulnerability Data
|Refresh the Vulnerabilities page to get the latest data.
|View and Export Vulnerability Data
|View and export vulnerability data to a CSV.
|View Workload Consumption Dashboard
|View Workload Consumption Dashboard.
|Manage Kubernetes Security
|Manage Kubernetes security.
|Manage install sensor action for workload VMs.
|Adminster NSX Tags.
|View Image and Manage Image Exceptions
|View image and manage image exceptions.