User Accounts

The Users Accounts Management page provides the ability to add, edit, delete, or view the details of Tenable Identity Exposure user accounts.

Users belongs to two categories:

  • Global Administrator — An administrator role that includes all permissions.

  • User — A simple user role with read-only permissions over business data only.

Caution

If you have a standalone Tenable Identity Exposure license, you can opt to send data to the Tenable Platform through your settings. By doing this, you activate the Identity 360 and Security Engine features of Tenable Identity Exposure.

To facilitate communication with the Tenable Platform and track user actions, Tenable Identity Exposure automatically creates the following objects in the Tenable platform, visible in the Tenable Vulnerability Management container settings:

  • A group named with the pattern TIE - Autogenerated users - {random_string}

  • A Permission named TIE - Autogenerated - Can view all assets - {random_string} applied to the Group TIE - Autogenerated users - {random_string}. It allows the users to see the assets that Tenable Identity Exposure exported to the Tenable platform.

  • For each Tenable Identity Exposure user, a user named according to the pattern tie-{username}-{random_string} who is a member of the Group TIE - Autogenerated users - {random_string}. This user has a strong random password and you should not use it to authenticate in the Tenable Vulnerability Management container. It has Basic read-only rights in the Tenable Vulnerability Management container.

An administrator can see these objects but must not alter them, as changes could disrupt the Indentity 360 and Security Engine features.

  1. In Tenable Identity Exposure, click Accounts > User accounts management.

    The User accounts management pane appears.

  2. Click the Create a user button on the right.

    The Create a user pane appears.

  3. Under the Main Information section, type the following information about the user:

    • First name

    • Surname (last name)

    • Email

    • Password: requires at least 12 characters with at least: 1 lowercase, 1 uppercase, 1 number, and 1 special character

    • Password confirmation

    • Department

    • Biography

  1. Click the toggle Allow authentication to activate the user.

  2. Under the Roles Management section, select a role to apply to the user.

  3. Click Create.

    A message confirms that Tenable Identity Exposure created the user with the selected role.

  1. In Tenable Identity Exposure, click Accounts > User accounts management.

    The User accounts management pane appears.

  2. In the list of users, hover over the line where the user's name appears and click the icon at the end of the line.

    The Edit a user pane appears.

  3. Under the Main Information section, modify the information about the user as needed:

    • First name

    • Surname (last name)

    • Email

    • Password: requires at least 8 characters

    • Password confirmation

    • Department

    • Biography

  1. Under the Roles Management section, modify the user's role as needed.

  2. Click Edit.

    A message confirms that Tenable Identity Exposure updated the user with the selected role.

  1. In Tenable Identity Exposure, click Accounts > User accounts management.

    The User accounts management pane appears.

  2. In the list of users, hover over the line where the user's name appears and click the icon at the end of the line.

    The Edit a user pane appears.

  3. Click the toggle Allow authentication to deactivate the user.

  4. Click Edit.

    A message confirms that Tenable Identity Exposure updated the user.

  1. In Tenable Identity Exposure, click Accounts > User accounts management.

    The User accounts management pane appears.

  2. In the list of users, hover over the line where the name of the user you want to delete appears and click the icon at the end of the line.

    A message asks you to confirm the deletion.

  3. Click Delete.

    A message confirms that Tenable Identity Exposure deleted the user.