Manage User Accounts in Security Validation

There is extensive logging around User Accounts. You can find audit logs in the system that include the username who made the change, with the following details provided:

• User Account created, enabled, disabled, deleted, or changed (new email address)
• Group user is assigned to
• Rights that are added or removed from the user account
• Active Directory information, when Active Directory authentication is enabled

Create a user account

1. Go to Settings > User Settings.
2. Click Add User. 
3. Enter basic information for the new user.
   1. Email address
   2. First and Last names
4. Select a User Group from one of the following roles:
   For information about user roles, see User Groups and Permissions.
   • System Admin
   • User Admin
   • Power Users
   • Reporting
   • Custom
   • Users
5. (Optional) Enter a Github token associated with this user.
6. (Optional) If the user is permitted to approve cloud actions, select Approve Cloud Actions.
   • This option is only available if you have the Cloud Security Validation Feature.
   • When you select this setting for a user, a backend check ensures that the user has permission to approve Cloud Actions before proceeding with approval.
7. (Optional) Select Approve Endpoint Actions. This setting is required if this user is permitted to approve Host CLI Actions after the Action is created. This is important since many Host CLI Actions should be configured for use in the Protected Theater only.
8. (Optional) If this user is permitted to approve Host CLI Actions while creating the Action, select Approve on Action Creation.
9. (Optional) If this user is permitted to designate a file as safe during upload to the file library or to approve uploaded files that are in a Pending Approval state. Select Approve File Library Restrictions. See Approving Files for Use for more information.

   This permission also lets a user modify Malicious file classifications for files not imported from a content pack.

10. Click Create User.

    The new user receives an email with a randomly generated password instructing the user to log in to the Director and change their password

    If you are using another Authentication option, the password creation and password reset does not occur.

Edit a user account

1. Go to Settings > User Settings.
2. Click Edit for the applicable user.
3. Modify the user, as needed.
   MA-SV only: If you can't edit some fields, you are synchronizing those user accounts from a single sign-on (SSO) source or those fields are only editable in Mandiant Advantage. You must make user account changes directly in Mandiant Advantage. You can still edit user groups in the MA-SV  User Settings.
4. Click Update User.

Change the password for a user

1. Go to Settings > User Settings.
2. Click Change Password for the applicable user.
3. Enter the new password and confirm the password.
4. Click Update User.

   Instruct the user to change this password when they log in.

Disable a user

1. Go to Settings > User Settings.
2. Click Disable for the applicable user.
3. Click OK.

   This user is added to the Disabled Users list. They can be reenabled by clicking the Enable User link.

Permanently delete a user

1. Go to Settings > User Settings.
2. Click Permanently Delete.
3. Enter the user's email to confirm deletion and Click OK.

Export a list of your users

1. Go to Settings > User Settings.
2. Click Export CSV.