Add or Update Users

As an administrator, you can manage users for your platform including to create, edit, and remove users.

Note

If you want to use SSO authentication for users, see Enable and Use SSO with Cybereason.

Add a new user

To create a new user, do the following:

  1. In the Users screen, click Create new user.

    Create a user

  2. For the user, update the required details, described in the following table:

    Setting

    Description

    Email address

    The user’s email address. Cybereason uses this email address to send notifications.

    The email address’s TLD (top-level domain) must be a valid public TLD.

    Note: For On Prem environments where SSO is enabled, it is possible to add a user with a local domain email. Such users can login via SSO. Note that it is not possible to enable email notifications for such users, and other email workflows (e.g. reset password) are not supported for such users.

    Password

    A password for the user. The password must conform to your organization’s password policy set in the Settings > Password Policy screen.

    For details, see Define a Password Policy.

    Change password on next login

    Select this option to require the user to change the password on their next login. The new password cannot be the same as the previous 10 passwords.

    Enable notifications

    Select this option to enable notifications for the user.

    Non-admin users can only change this value for themselves.

    Enable Two Factor Authentication

    Select this option to enable Two-Factor Authentication (TFA) for the user. TFA must also be enabled for the environment. For details on enabling TFA, see Set Up Two-Factor Authentication.

    Custom and Predefined Roles

    The role to assign to the user. For details on available roles, see Manage User Roles and Permissions.

User classification

Note

The User Classification feature is in the beta stage. Contact your Customer Success representative to enable this feature.

The User classification feature allows user administrators to add a label to a specific user for auditing purposes. User administrators can add a string value to the User classification field in the Users screen when creating or editing a user.

User Classification

The User classification string must meet the following parameters:

  • Include only alphanumeric, hyphen, and underscore characters

  • Be no longer than 12 characters

For each user action, the userclassification field appears in the user audit syslog message. See Syslog Messages - Extension Fields for more information about the user audit syslog.

For example:

cybereason|cybereason||useraction|general/login|0|cs1label=username cs1=/temp@cybereason.com … cs6label=userclassification cs6=tempUser

Edit a user

To update user details, in the Edit column by the user name, click the Edit icon and update the relevant details.

Remove a user

To remove a user, hover your mouse over the row of the user you want to remove. and click the Trash icon on the right side of the row. Then click Delete user in the confirmation screen to confirm removal.

Note

The Cybereason platform audits all changes in the syslog. See User Audit logs.