FAQ
What are the platform roles and what permissions does each role have?
Currently these permissions are divided into 7 hardcoded roles:
- Admins: Full access across all modules, including managing users, configuring integrations, and adjusting organization settings.
- Editors: Can create, modify, and delete content like risks, incidents, threats, and documents, and can perform actions like approving threat proposals, but cannot change organization-level settings, manage other users, or configure integrations.
- Viewers: Read-only access across the entire platform. Viewers can follow risks and incidents. Can generate Governance Decks such as CyberGov and Board Deck material.
- Risk Viewer: Read-only access to all modules except the incident module. Can follow risks.
- Risk Editor: Can create, modify, and delete resources excluding the incident module. Can suggest and approve Threat Profile changes.
- Incident Viewer: Read-only access to all modules except the risk module. Can follow incidents.
- Incident Editor: Can create, modify, and delete resources excluding the risk module. Can suggest Threat Profile changes.
How are roles assigned?
User roles can be assigned in two ways:
- Set when the user's account is first created. During account creation, the user's email address is entered, along with the role they will hold in the Adversarial platform.
- Changed on an existing account, either upgrading or downgrading the user's permissions in the platform.
Can I create a custom role?
The permission system is built on a granular, bitflag-based architecture designed for extensibility. The database-backed role infrastructure and junction table schema already support custom roles and multi-role assignment. Custom roles, which allow organizations to define their own permission sets tailored to specific workflows, are planned as a near-term addition.
Is there a limitation regarding the number of administrators a tenant can have?
A tenant can have many Administrators, but each tenant must have at least one.
Users cannot modify their own permissions or change their own role. This change must be made by another administrator.
Can Risk Editors and Incident Editors adjust and approve the Threat Profile?
Both Risk Editors and Incident Editors can edit threats and save their edits as suggestions. Of these two roles, only the Risk Editor can approve changes to a Threat Profile. This is to ensure any new assignments of AKRs or adjustments are approved accordingly.
Can Risk Viewers/Editors and Incident Viewers/Editors generate Governance Decks?
No. These roles currently do not have permission to generate CyberGov and Board Decks, because the decks contain data that they may not have permission to view. A user needs to be a platform Admin, Editor, or Viewer to generate CyberGov and Board Decks.
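An added illustration, not the platform's own code: a bitflag model of the seven roles described in this FAQ, with multi-role masks combined by OR and the rules on who may change a role enforced in one function. The flag names, the `change_roles` helper and its `directory` mapping of user to role names are hypothetical, and the read scope given to the module-scoped editors is an assumption.

```python
from enum import IntFlag, auto

class Perm(IntFlag):
    """Hypothetical permission bits; the platform's real flag names are not on this page."""
    READ_RISK = auto()
    READ_INCIDENT = auto()
    WRITE_RISK = auto()
    WRITE_INCIDENT = auto()
    SUGGEST_THREAT = auto()
    APPROVE_THREAT = auto()
    GENERATE_DECK = auto()
    MANAGE_ORG = auto()  # users, integrations, organization settings

P = Perm
# Role masks read off the role descriptions in this FAQ. Assumption: the
# module-scoped editors share the read scope of the matching viewers.
ROLES = {
    "Viewer": P.READ_RISK | P.READ_INCIDENT | P.GENERATE_DECK,
    "Risk Viewer": P.READ_RISK,
    "Incident Viewer": P.READ_INCIDENT,
    "Risk Editor": P.READ_RISK | P.WRITE_RISK | P.SUGGEST_THREAT | P.APPROVE_THREAT,
    "Incident Editor": P.READ_INCIDENT | P.WRITE_INCIDENT | P.SUGGEST_THREAT,
}
ROLES["Editor"] = ROLES["Viewer"] | ROLES["Risk Editor"] | ROLES["Incident Editor"]
ROLES["Admin"] = ROLES["Editor"] | P.MANAGE_ORG

def effective(role_names):
    """OR together the masks of every role a user holds (multi-role assignment)."""
    mask = Perm(0)
    for name in role_names:
        mask |= ROLES[name]
    return mask

def can(role_names, perm):
    """True only if every bit of `perm` is set in the user's effective mask."""
    return effective(role_names) & perm == perm

def change_roles(directory, actor, target, new_roles):
    """Apply a role change only if the FAQ's rules on who may make it hold."""
    if not can(directory[actor], P.MANAGE_ORG):
        raise PermissionError("only an Admin can manage users")
    if actor == target:
        raise PermissionError("users cannot change their own role")
    unknown = set(new_roles) - set(ROLES)
    if unknown:
        raise ValueError(f"unknown roles: {sorted(unknown)}")
    directory[target] = set(new_roles)
```

In this model a user holding both Risk Editor and Incident Editor can read and write both modules but still cannot generate decks, because deck generation is a separate bit that only the Admin, Editor and Viewer masks carry.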