User Roles & Permissions
Understand the Admin, Security Analyst, and Viewer roles and apply least-privilege access.
TrustCyber uses role-based access control (RBAC) to ensure team members can access the features they need without exposing sensitive security data to unauthorized users. Roles are assigned per organization and follow the principle of least privilege.
Available Roles
| Role | Description | Typical User |
|---|---|---|
| Admin | Full access to all features including settings, integrations, and user management | CISO, IT Manager, Security Lead |
| Security Analyst | Can view all reports, run assessments, and manage findings and remediation tasks | Security Engineer, Compliance Analyst |
| Viewer | Read-only access to dashboards and reports. Cannot run assessments or modify settings | Executive, Board Member, Auditor |
Permission Matrix
| Feature | Admin | Security Analyst | Viewer |
|---|---|---|---|
| View Dashboard | ✓ | ✓ | ✓ |
| View Reports | ✓ | ✓ | ✓ |
| Run Assessments | ✓ | ✓ | ✗ |
| Manage Findings | ✓ | ✓ | ✗ |
| Manage Remediation | ✓ | ✓ | ✗ |
| Invite Team Members | ✓ | ✗ | ✗ |
| Manage Integrations | ✓ | ✗ | ✗ |
| Billing & Subscription | ✓ | ✗ | ✗ |
| Export Reports | ✓ | ✓ | ✗ |
Best Practices for Least Privilege
- Assign the Viewer role to executives and board members who only need to review reports.
- Assign the Security Analyst role to engineers who run assessments and manage remediation.
- Limit Admin access to the CISO, IT Manager, or the primary security lead.
- Review team membership quarterly and remove access for departed employees promptly.
- Use the Viewer role for external auditors to share reports without granting write access.
Warning: Admin users can modify integrations and revoke access for other team members. Limit Admin role assignment to trusted personnel only.
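The quarterly review and role-assignment guidance above, as an added example that is not TrustCyber code: it encodes the permission matrix and flags members who have departed or who hold a higher role than the features they use require. The member records and their field names (`email`, `role`, `active`, `features_used`) are constructed assumptions, since this page does not describe an export format.

```python
"""Least-privilege review against the permission matrix on this page."""

ROLES = ["Viewer", "Security Analyst", "Admin"]  # least to most privileged

# Feature -> roles allowed, transcribed from the Permission Matrix table.
_ALL, _STAFF, _ADMIN = set(ROLES), {"Security Analyst", "Admin"}, {"Admin"}
MATRIX = {
    "View Dashboard": _ALL, "View Reports": _ALL,
    "Run Assessments": _STAFF, "Manage Findings": _STAFF,
    "Manage Remediation": _STAFF, "Export Reports": _STAFF,
    "Invite Team Members": _ADMIN, "Manage Integrations": _ADMIN,
    "Billing & Subscription": _ADMIN,
}

def minimal_role(features_used):
    """Return the least-privileged role that covers every feature used."""
    unknown = set(features_used) - MATRIX.keys()
    if unknown:
        raise ValueError("features not in the matrix: %s" % sorted(unknown))
    # Admin is allowed every feature, so a match always exists.
    return next(r for r in ROLES if all(r in MATRIX[f] for f in features_used))

def review(members):
    """Yield (email, action) for members whose access should change."""
    for m in members:
        if not m["active"]:
            yield m["email"], "remove"  # departed employee
            continue
        needed = minimal_role(m["features_used"])
        if ROLES.index(needed) < ROLES.index(m["role"]):
            yield m["email"], "downgrade to " + needed

# Constructed sample data; field names are assumptions, not a TrustCyber export.
SAMPLE = [
    {"email": "ciso@example.com", "role": "Admin", "active": True,
     "features_used": {"Manage Integrations", "View Reports"}},
    {"email": "eng@example.com", "role": "Admin", "active": True,
     "features_used": {"Run Assessments", "Export Reports"}},
    {"email": "board@example.com", "role": "Security Analyst", "active": True,
     "features_used": {"View Dashboard"}},
    {"email": "former@example.com", "role": "Viewer", "active": False,
     "features_used": set()},
]

if __name__ == "__main__":
    for email, action in review(SAMPLE):
        print(email, "->", action)
```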