000030488 - Delete permissions are provided to the SOC_Managers role in RSA Security Analytics

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000030488
Applies ToRSA Product Set: Security Analytics

RSA Product/Service Type: Incident Management, Security Analytics UI

RSA Version/Condition:

Platform: CentOS

O/S Version: EL6
IssueThe SOC_Managers role has been inadvertently granted permission to 'Delete alerts and incidents' in Security Analytics  
The SOC_Managers role should NOT have this permission.
ResolutionThis issue has been permanently resolved in Security Analytics
WorkaroundAdministrators can remove the 'Delete alerts and incidents' permission from the SOC_Managers role on the Administration -> Security page.