02-28-2020 08:57 AM
When we stood up the Security Incident Response module, our request was that non-SOC members could not see the SIR, but could only be assigned SITs. Based on this, the appropriate groups were given the "response_task" Type and can be assigned tasks. However, we are having issues with these groups being able to see what is assigned to them. At this point, no one can see any tasks unless they get assigned to that person specifically.
Currently, no groups have the role "sn_si.external", which I've been taking a look at. This seems to give users visibility under "My Work" when they are assigned something specifically, but unassigned tasks cannot be seen under "My Groups Work", which is what we are trying to accomplish.

03-02-2020 01:44 PM
Hey there,
You are on the right track. It sounds like we've adjusted the table level write ACL for (sn_si_task) so far.
Check out the additional field level write ACL entries on (sn_si_task); many of them point to the "assigned_to" person as well.
Some of the field level ACLs point to fields that you may want external users to edit, and some of these you may not want external users to edit.
You can disable and re-create the appropriate write field level ACLs for (sn_si_task); that should get you a win. (For example, you may not want those users to be able to write to the short_description, priority or cmdb_ci field, etc.)
02-28-2020 10:13 AM
The groups also need to have sn_si.external role in order to be able to see the tasks.
02-28-2020 10:24 AM
I mention this in the second paragraph - it only allows them to see SITs assigned to them, but not unassigned ones that are assigned to their group. I need them to see what is assigned to their group.
02-28-2020 12:56 PM
Based on what I've seen, I think what I need to do is to allow the "My Groups Work" to access SITs assigned to a group but not yet assigned to an individual user. Any ideas on how to achieve that?

02-28-2020 03:22 PM
I would look at the ACL on sn_si_task. The OOB read and write ACL only allows assigned to.
I would add another condition, isMemberOf, to check if the user is a member of that group, to allow read and write to that table.
Please mark this response as correct or helpful if it assisted you with your question.
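
The group-membership condition and field-level write restrictions discussed in this thread, modeled as an added example (not code from any poster or from ServiceNow). `makeGs`, the user and task objects, and the placeholder sys_ids are constructed so the logic runs offline; on an instance the same calls (`gs.hasRole`, `gs.getUserID`, `gs.getUser().isMemberOf`) would go in the ACL's Script field against `current`, and treating the three named fields as read-only is an assumption.

```javascript
// Constructed stand-in for the platform's `gs` object so the logic runs offline.
function makeGs(user) {
  return {
    getUserID: () => user.sys_id,
    hasRole: (role) => user.roles.includes(role),
    getUser: () => ({ isMemberOf: (group) => user.groups.includes(group) }),
  };
}

// Record-level read/write on sn_si_task: the assignee, or a member of the
// assignment group, provided the user holds sn_si.external.
// In an ACL Script field the returned value would be assigned to `answer`.
function taskAclAnswer(gs, current) {
  if (!gs.hasRole('sn_si.external')) return false;
  if (current.assigned_to && current.assigned_to === gs.getUserID()) return true;
  // A task with no assignment group must not match anyone.
  return Boolean(current.assignment_group) &&
    gs.getUser().isMemberOf(current.assignment_group);
}

// Field-level write: assumption that the fields named in the thread stay
// read-only for external users.
const READ_ONLY_FOR_EXTERNAL = new Set(['short_description', 'priority', 'cmdb_ci']);
function fieldWriteAnswer(gs, current, field) {
  return taskAclAnswer(gs, current) && !READ_ONLY_FOR_EXTERNAL.has(field);
}

// Constructed sample users and tasks (sys_ids are placeholders).
const netUser = { sys_id: 'u-net-1', roles: ['sn_si.external'], groups: ['g-network'] };
const hrUser = { sys_id: 'u-hr-1', roles: ['sn_si.external'], groups: ['g-hr'] };
const noRole = { sys_id: 'u-x-1', roles: [], groups: ['g-network'] };
const unassigned = { assigned_to: '', assignment_group: 'g-network' };
const orphan = { assigned_to: '', assignment_group: '' };

function demo() {
  return {
    groupMemberSeesUnassigned: taskAclAnswer(makeGs(netUser), unassigned),
    otherGroupBlocked: taskAclAnswer(makeGs(hrUser), unassigned),
    roleRequired: taskAclAnswer(makeGs(noRole), unassigned),
    orphanHidden: taskAclAnswer(makeGs(netUser), orphan),
    canWriteWorkNotes: fieldWriteAnswer(makeGs(netUser), unassigned, 'work_notes'),
    canWritePriority: fieldWriteAnswer(makeGs(netUser), unassigned, 'priority'),
  };
}
console.log(demo());
```

The empty-group guard matters: without it, a task with no assignment group could be evaluated against an empty value rather than denied outright.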