List of roles installed with Security Exposure Management, defining user permissions and access for Security Exposure Management-related tasks.

Application	Role title	Description	Contains roles
Vulnerability Response Common	sn_vul_cmn.usem_admin	Configures rules, integrations, and related settings for Vulnerability Response, Application Vulnerability Response, Container Vulnerability Response, and Configuration Compliance.	sn_vul.vulnerability_admin sn_vul.app_sec_manager sn_vul_container.vulnerability_admin sn_vulc.admin
Administration for Security Exposure Management	sn_sec_wf.read_admin_rules	Read access to administration rules.	sn_sec_calculator.read sn_vul_cmn_ws.read_admin_rules sn_vul_cmn.read_auto_close_rules
Administration for Security Exposure Management	sn_sec_wf.manage_admin_rules	Create, read, update, and delete administration rules.	sn_vul_cmn.manage_auto_close_rules sn_sec_wf.read_admin_rules sn_vul_cmn_ws.write_admin_rules sn_sec_calculator.admin
Exception Management for Unified Security Exposure Management	sn_sec_exception.approver	Approve or reject exception requests, false positive requests, and exception rules.	sn_sec_exception.read
Exception Management for Unified Security Exposure Management	sn_sec_exception.read	Read access to exception management configuration and exception rules.	None.
Exception Management for Unified Security Exposure Management	sn_sec_exception.admin	Create, read, update, and delete exception management configuration and exception rules.	sn_sec_exception.read
Risk Scoring for Security Exposure Management	sn_sec_calculator.read	Read access to records in the sn_sec_calculator scope.	None.
Risk Scoring for Security Exposure Management	sn_sec_calculator.admin	Create, read, update, and delete records in the sn_sec_calculator scope.	sn_sec_calculator.read