User Roles

The following table briefly describes the available user roles and related permissions. For detailed permissions information, see User Role Permissions.

Name Description
Tenable.io Vulnerability Management User Roles

Basic

Can only manage their user profile and view scan results, including dashboards.

Scan Operator Can create and run scans, but may only use existing scan user-defined scan templates that were created by a standard user or higher. They can create user target groups for use in scans.

Standard

In addition to scan operator privileges, can view user-defined scan templates that were created by a scan manager user or higher.

Scan Manager

In addition to standard user privileges, can configure scan settings and create, configure, use, and delete user-defined scan templates. They can also manage scanners, agents, and exclusions.

Administrator

Has all permissions, is responsible for setting up the account, and knows the organization's architecture. They can create groups to organize different business units, and add and manage users on the account.

Tenable.io Web Application Scanning User Roles

Basic

Can only manage their user profile and view scan results, including dashboards.

WAS Reader Can only manage their user profile and view scan results, including dashboards.
WAS Scan Operator Can create and run web application scans, but may only use existing scan user-defined scan templates that were created by a standard user or higher.
WAS Standard In addition to scan operator privileges, can view user-defined scan templates that were created by a scan manager user or higher.
WAS Scan Manager In addition to standard user privileges, can configure scan settings and create, configure, use, and delete user-defined scan templates.

Administrator

Has all permissions, is responsible for setting up the account, and knows the organization's architecture. They can create groups to organize different business units, and add and manage users on the account.

Tenable.io Container Security User Roles  
Basic Limited to viewing, searching, and filtering Tenable.io Container Security data.

Scan Operator

and

Standard

Can import, manage, and delete images and image repositories, but may only use policies set by a scan manager user or higher.
Scan Manager In addition to scan operator privileges, can create, manage, and enforce policies.
Administrator Has all permissions, is responsible for setting up the account, adding and managing users, and configuring connections to registries.