Skip to main content

Scopes

On this page, you can create and manage the scope of a user’s access within the Cyberhaven Console. Go to Preferences > Roles and Scopes.

The scope specifies the range of access a user has to datasets and risk groups within the Risks Overview and Insider Risk pages of the Cyberhaven Console. The table on the Scopes tab displays a list of all the scopes you have created. The Full Access scope is predefined and cannot be modified or deleted.

Creating a new scope

  1. In the Scopes tab, click on New Scope.

  2. In the New Access Scope window, enter a scope name and a brief description of the scope.

  3. Select the scope of access to datasets. Options are the following: a. Full Access: Grants the user access to all datasets and their events.

    1. Include: Restricts user access to the specified datasets and their events.

    2. Exclude: Allows access to all datasets and related events, except those in the specified datasets.

  4. Select the scope of access to User Risk Groups. You can create User Risk Groups on the Insider Risk page. Options are the following: a. Full Access: Grants the user access to all user risk groups created in the Cyberhaven Console and their events.

    1. Include: Restricts user access to events within the specified user risk groups only.

    2. Exclude: Allows access to all events, except those in the specified user risk groups.

  5. Click Save to create the scope. The new scope is added to the Scopes page.

Applying the scope

After you've created the scope, you can assign it to a user and define their access to specific datasets and user risk groups.

  1. Navigate to Preferences > Users.

  2. Click on the Actions menu for a user and select Change scope. Apop up window with the list of scopes is displayed.

  3. Select the scope you want to assign to the user and click Save.

Additionally, when inviting a new user to the Console, you have the option to assign them a specific scope.

Editing a scope

To modify an existing scope.

  1. Click on the actions menu for the scope and select Edit.

  2. On the Edit Access Scope page, modify the access and click Save.

Deleting a scope

1. Click on the actions menu for the scope and select Delete.

2. On the confirmation pop-up window, click Delete.