User Accounts

The Users Accounts Management page provides the ability to add, edit, delete, or view the details of Tenable Identity Exposure user accounts.

Users belongs to two categories:

  • Global Administrator — An administrator role that includes all permissions.

  • User — A simple user role with read-only permissions over business data only.

Caution

If you have a standalone Tenable Identity Exposure license, you can opt to send data to the Tenable Platform through your settings. By doing this, you activate the Identity 360 and Security Engine features of Tenable Identity Exposure.

To facilitate communication with the Tenable Platform and track user actions, Tenable Identity Exposure automatically creates the following objects in the Tenable platform, visible in the Tenable Vulnerability Management container settings:

  • A group named with the pattern TIE - Autogenerated users - {random_string}

  • A Permission named TIE - Autogenerated - Can view all assets - {random_string} applied to the Group TIE - Autogenerated users - {random_string}. It allows the users to see the assets that Tenable Identity Exposure exported to the Tenable platform.

  • For each Tenable Identity Exposure user, a user named according to the pattern tie-{username}-{random_string} who is a member of the Group TIE - Autogenerated users - {random_string}. This user has a strong random password and you should not use it to authenticate in the Tenable Vulnerability Management container. It has Basic read-only rights in the Tenable Vulnerability Management container.

An administrator can see these objects but must not alter them, as changes could disrupt the Indentity 360 and Security Engine features.