Data Security permissions ↗
Configure access to Data Security capabilities.
The Data Security permission includes the following permissions:
Endpoint DLP: Includes permissions such as Data-in-motion rules and Endpoint Applications. For more information about Endpoint DLP permissions, see Data Security - Endpoint DLP permissions.
Data Security: Data Security Posture Management (DSPM)
This section controls access to the DSPM features, which provide deep visibility into cloud data assets (such as storage buckets, databases, and backups) and their underlying data objects (files, columns, and tables). It also controls access to the Data Pattern Inventory, Data Security Detection Rules, and the Data Security Issues queue.
Users access DSPM from → .
Notice
Requires Cloud Posture Security, Cloud Runtime Security, or Cortex XSIAM Premium license.
Permission | Description | Roles Example |
|---|---|---|
None | Users cannot access the DSPM pages (All Assets, Disks, Storage Buckets, Databases, Backups), data objects (Files, Columns, Tables), Data Pattern Inventory, Data Security Issues (posture and threats), and Detection Rules. | SOC Tier-1 Analyst: Data security posture management is outside the triage scope. |
View | Read-only access to all DSPM pages. Users can view the Overview dashboard, browse all discovered data assets and their classifications, and view the Data Pattern Inventory, Data Security Issues (posture and threats), and Detection Rules |
|
View/Edit | Full control over DSPM features. Users can trigger manual data scans, manage data asset configurations, interact with data security issues (acknowledge and remediate), and manage the overview dashboard. All action buttons and management forms are accessible. | Security Engineer: Responsible for configuring data security scanning and managing data classifications. |