Approver roles required for Security Exposure Management Workspace

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • You can see the required roles for the approvers in the Security Exposure Management Workspace.

    Table 1. Approver roles required for various approval requests
    Approval type Approver roles
    False positive approvals sn_vul.false_positive_approver
    • sn_vul.vulnerability_admin
    • sn_vul.vulnerability_analyst

    Approvers are required to be in the False Positive Approver user group.
    Exception approvals (deferrals)
    • sn_sec_exception.admin
    • sn_sec_exception.read
    • sn_sec_exception.approver
    Unassign approvals sn_vul.unassign_approver
    Risk reduction approvals sn_vul.exception_approver
    Exception rule approvals
    • sn_sec_exception.admin
    • sn_sec_exception.approver

    Approvers review and approve or reject exception rules that automatically apply exceptions to matching findings.