Hi @Joe Kline , I have tried it with the following role/s (sn_vul.write_assigned/sn_vul.read_assigned) however with the role user can see vulnerable items and getting the following message "Number of rows removed from this list by Security constraints". Have you added any other role as well?

@saptarshiamc ,

In our case it was not a case of "adding roles", but to give each user either a "Remediation Owner" role or a "Read User" role.  Intent being to have remediation teams see only what they are responsible for, as provided out of the box by SN granular roles and no need to do custom ACL's.

Remediation Owner then provides sn_vul_read_assigned, sn_vul.read_effort, sn_vul.read_watch_topic, sn_vul.remediation_owner, sn_vul.update_assigned_to, sn_vul.update_assignment_group, sn_vul.write_assigned and a few others that may not be specifically associated with that table.

sn_vul.read_all comes along with a bunch others in our use of the Read User role structure, used by Managers and other team members that are responsible to see over a wide area portion of the enterprise network, whereas those responsible (System Admins) to fix things really need to focus on their own small piece of the pie.  Mixing read_all and read_assigned has caused some minor issues for us in what a user can and cannot see or get similar error messages that highlight not all records are being displayed on a  list view due to security constraints ...

Hope this helps.

Hi @Joe Kline , In our case, the VIT is only assigned to the specific group and no remediation task has been created against that.  Can you please help me to understand, whether remediation task is also being created in your case?