Roles
To view your user roles, in the top navigation bar, click 
Settings & Information > Access Control, then click the Roles tab.
This page describes the roles that you can assign to users in Tenable Enclave Security
| Role | Description |
|---|---|
|
Super Administrator |
Super Administrator users have the system-provided Super Administrator role and do not belong to any organization. You can create Super Administrator users when you configure Tenable Enclave Security. |
| Organizational Users - Users that belong to an organization. | |
|
Security Manager |
The Security Manager role has full access to all actions at the organization level. A Security Manager has the ability to create new groups and manage existing ones. A Security Manager can also define how users interact with other groups.\n\nThe ability to manage other users and their objects can be configured using group permissions on the Access tab of User add/edit. This includes viewing and stopping running scans and reports. |
|
Auditor |
The Auditor role can access summary information to perform third-party audits. An Auditor can view dashboards, reports, and logs, but cannot perform scans or create tickets. |
|
Credential Manager |
The Credential Manager role can be used specifically for handling credentials. A Credential Manager can create and share credentials without revealing the contents of the credential. This can be used by someone outside the security team to keep scanning credentials up to date. |
|
Executive |
The Executive role is for users who are interested in a high-level overview of their security posture and risk profile. Executives would most likely browse dashboards and review reports, but would not be concerned with monitoring running scans or managing users. Executives would also be able to assign tasks to other users using the ticketing interface. |
|
Security Analyst |
The Security Analyst role has permissions to perform all actions at the Organizational level except managing groups and users. A Security Analyst is most likely an advanced user who can be trusted with some system-related tasks such as setting freeze windows or updating plugins. |
|
Vulnerability Analyst |
The Vulnerability Analyst role can perform basic tasks within the application. A Vulnerability Analyst is allowed to view security data, perform scans, share objects, view logs, and work with tickets. |
|
Custom Role |
A custom role that you create by enabling or disabling individual permissions. |