search
Back to binalyze.com

User Roles

In AIR, the Global Admin has full control over managing 118 specific privileges, allowing the creation of highly customized user roles. This granular access control ensures that each user or group has permissions tailored to their specific needs, such as handling evidence acquisition, interACT sessions, or audit log management.

A useful feature within this setup is the tooltips provided alongside each privilege. These tooltips highlight any dependencies that may exist between privileges, helping administrators configure roles accurately without unintentionally restricting necessary functions.

For example, an admin could create a role that enables a user to access interACT for remote evidence collection while restricting access to audit logs or system-wide settings. The tooltips ensure that admins are aware of any required privileges to avoid misconfigurations.

This approach provides both flexibility and clarity, empowering admins to manage user roles effectively.

hashtag
Default Role Privileges

The tables below show the default privileges assigned to each built-in role. These can be customized by creating new roles with specific privilege combinations.

circle-info

Note: Global Admin is not shown in these tables as this role has full access to all privileges by default.

circle-check

Download: For offline reference or custom analysis, download the complete privilege matrix as CSVarrow-up-right.

hashtag
System Privileges

hashtag
Backup

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Backup

Backup Now

Delete Backup

Download Backup

hashtag
License

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View License Key

Update License Key

hashtag
Organizations

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Create Organization

Delete Organization

hashtag
Settings

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Save Settings

hashtag
Others

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Download Server Logs

hashtag
User Privileges

hashtag
Acquisition

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Acquisition Profile

Create Acquisition Profile

Update Acquisition Profile

Delete Acquisition Profile

hashtag
Auditlog

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Auditlog

hashtag
Auto Asset Tags

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Create Auto Asset Tag

Update Auto Asset Tag

View Auto Asset Tag

Delete Auto Asset Tag

Assign Auto Asset Tagging Task

hashtag
Automation Hub

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Automation Hub

Manage Automation Hub

hashtag
Case

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Case

Create Case

Manage Case

Update Case Status

Change Owner Case

hashtag
Cloud Acquisition Profile

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Cloud Acquisition Profile

Create Cloud Acquisition Profile

Update Cloud Acquisition Profile

Delete Cloud Acquisition Profile

hashtag
Cloud Asset Account

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Cloud Asset Account

Create Cloud Asset Account

Delete Cloud Asset Account

Sync Cloud Asset Account

hashtag
Cloud Forensics

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Manage Cloud Account

Deploy Responder to Cloud

hashtag
Asset

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Create Asset

Edit Asset Label

Delete Asset

View Asset

Sync LDAP

Download Asset Logs

Import Off-Network Asset

Import PPC to Existing Asset

Update Asset Connection Route

Update Asset Maintenance Mode

hashtag
Asset Tag

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Create Asset Tag

Update Asset Tags

Delete Asset Tag

Delete All Asset Tags

Remove Tags from Asset

Add Tags to Assets

hashtag
Event Subscriptions

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Create Event Subscriptions

Update Event Subscriptions

View Event Subscriptions

Delete Event Subscriptions

hashtag
Evidence

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Evidence Repository

Create Evidence Repository

Update Evidence Repository

Delete Evidence Repository

View Case Report

hashtag
Full Text Search Profile

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Full Text Search Profile

Create Full Text Search Profile

Update Full Text Search Profile

Delete Full Text Search Profile

hashtag
Disk Image Acquisition Profile

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Disk Image Acquisition Profile

Create Disk Image Acquisition Profile

Update Disk Image Acquisition Profile

Delete Disk Image Acquisition Profile

hashtag
interACT Library

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View interACT Library

Modify interACT Library

hashtag
interACT Shell

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Enumerate

Read Content

Write and Execute

hashtag
Notification

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Notification

Delete All Notifications

Mark All as Read Notification

hashtag
Organizations

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Organization

Update Organization

hashtag
Organizations Deployment Token

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Update Deployment Token

hashtag
Policy

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Policy

Create Policy

Update Policy

Delete Policy

Override Policy

hashtag
Relay Server

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Manage Relay Server

hashtag
Task

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Task

Delete Task

Cancel Task

Update Task

Schedule Task

Update Scheduled Task

hashtag
Task Assign

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Assign Hunt/Triage Task

Assign Acquire Evidence Task

Assign Full Text Search Task

Assign Disk Image Acquisition Task

Assign Reboot Task

Assign Shutdown Task

Assign Log Retrieval Task

Assign Version Update Task

Assign Isolation Task

hashtag
Task Assignment

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Delete Task Assignment

Cancel Task Assignment

hashtag
Hunt/Triage

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Hunt/Triage

Create Hunt/Triage

Update Hunt/Triage

Delete Hunt/Triage

hashtag
User

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View User

Create User

Delete User

Update User

hashtag
User Role

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Role

hashtag
Two Factor Authentication (2FA)

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

Update 2FA Settings

hashtag
Webhook

Privilege
Org Admin
L1/L2
L3/L4
Maintenance
Responder

View Webhook

Create Webhook

Update Webhook

Delete Webhook

PreviousUser GroupsNextBackup

Last updated

Was this helpful?