Role Based Access Control (RBAC)

Salem leverages pre-defined roles to control what actions user can perform

RBAC in Salem

Salem supports predefined roles that control the actions a user can perform.

Salem Roles

Role Title

Description

salem.admin

Full access to all Salem features and configurations

salem.analyst

Salem analysts can perform any training or response action from a Salem alert. They are able to search for alerts and download alert data. They are not able to view or update any Salem configuration data. This includes all features in the Salem admin menu.

salem.user

This is a read only role. Salem users are able to see Salem alerts, but are not able to interact with any training or response capabilities.

Configure User Roles

For most users of Salem, user access and role assignments are set in the Salem Azure Enterprise Application. For information on how to create a role and assign users to that role, see Create App User Roles

Unauthenticated Access to Salem

Salem does not allow users to interact with its chat or web browser capabilities unless they have a valid Salem role. However, if a valid Salem user adds Salem to a group in Slack or MS Teams, Salem will not be able to validate that all members of that group have a valid Salem role. This means Salem may post threat notifications into a group with members who aren't Salem users.

PreviousCreate and Update Secrets NextWhat's New

Last updated 24 days ago