LogoLogo
Get FDA readyServicesSolutionsGuardian helpGet a demo
  • Helm help center home
  • Get Started
    • Helm features
    • Quickstart process
    • Understand data sources and update frequency
    • Get familiar with the Helm UI
      • Understand your dashboard
      • Helm terminology
    • Don't have an SBOM?
      • Why SBOMs are critical to your present and future
      • Generate CycloneDX SBOM with open-source tools
      • Generate SPDX SBOM with open-source tools
        • Generate SBOM with Yocto on Linux
      • Convert your SBOM from CSV to CycloneDX
      • Get expert Services help
    • Upload your first SBOM
      • Upload or convert .zst SBOM files from Yocto on Linux
  • Automate and integrate
    • Automate and integrate risk prioritization and management
    • Automate SBOM and vulnerability management via Helm API SDK
    • Automate SBOM management via GitHub action
    • Automate SBOM management via MS Azure DevOps extension
    • Create and manage lifecycle rules to automate EOS and EOL information across all products
  • Match components
    • Match unmatched components
    • Understand match statuses
    • Understand match sources
    • Create and manage alias rules to match and rematch components across all products
  • manage sboms
    • Manage SBOM
      • Manage component
      • Manage licenses
      • Create, edit, or merge SBOMs
      • Export your SBOM
      • Upload new version of SBOM with each release
      • Archive a product or product version
    • Find out what products contain a particular component
  • manage vulnerabilities
    • Check whether a particular vulnerability impacts your products
    • Manage vulnerabilities
      • Identify and prioritize exploitable vulnerabilities
        • Get email notifications for new vulnerabilities
        • Send email with vulnerability details for future prioritization
        • Understand issue severity level
          • Understand the CVSS vulnerability scoring system
      • Rescore vulnerabilities in bulk or individually
      • Remediate vulnerabilities in bulk or individually
      • Patch Windows vulnerabilities in bulk or individually
      • Export vulnerabilities
  • Ensure FDA readiness
    • FDA-ready SBOM and vulnerability reports
      • Meet FDA requirements with your FDA SBOM report
      • VEX and VDR reports
    • Understand new FDA cybersecurity requirements for cyber devices
      • Is my device a cyber device?
      • What if I already submitted my cyber device?
    • What should my cybersecurity management plan entail?
      • What does risk management entail?
      • Verification & Validation: Build the right product/service/system in the right way
      • Why do I need a Quality Management System (QMS)?
      • Cybersecurity is everyone's responsibility
  • Terminology
    • Cybersecurity terminology
    • What is CPE?
      • How do I read a CPE string?
  • Administration
    • Manage users
    • Manage products
    • Modify your organization name
  • what's new
    • Changelog
Powered by GitBook

© Copyright MedCrypt 2024, All rights reserved.

On this page
  • Administration columns
  • User roles
  • Admin role
  • User role permissions
  • Change user role
  • Modify user product access permissions

Was this helpful?

Export as PDF
  1. Administration

Manage users

PreviousHow do I read a CPE string?NextManage products

Last updated 4 months ago

Was this helpful?

If you have the role of Admin in Helm, you’ll see an Administration icon on the sidebar. You can manage both your users and your products from here.

if you need SSO support.

You can view all users and their current permissions, indicated by their role. You can also find a particular user by searching on their name.

How do I add new users?

You can't currently add new users in Administration. to get them added for you!

Administration columns

  • Username: This is the user’s full name, followed by a role token that indicates their permission level. It cannot be changed by the user or admin. Helm has the following roles:

    • Admin: This user has access to everything in Helm, including products. If you do not want a user to have access to all products, make them a user, then edit their permissions for the appropriate products. Only Administrators can create aliases to link software in their SBOM to known software in the NVD. An admin may not change their own role, but they can change the role of other admins.

    • User: This user only has the permissions one of the Admins has specified, as detailed in below.

  • Email: This is the user’s email address. It cannot be changed by the user or admin.

  • Actions: Click the edit icon to modify the user’s role.

User roles

You can assign users full privileges as Admins, or you can configure their permissions to view and modify your SBOM and vulnerabilities using these roles and permissions. You can set the SBOM role and Vuln role to combine permissions across SBOMs and vulnerabilities.

Admin role

This role has full access to all products and vulnerabilities in the organization and is the only role that can:

  • Manage users

  • Create and remove products

  • Create and remove aliases (permanent links to known software)

User role permissions

Users can be granted permissions to view or modify SBOMs and vulnerabilities.

Modify SBOMs and vulnerabilities:

Requires SBOM modify and Vuln modify permissions. This role has full access to all products and vulnerabilities.

Modify SBOMs and view vulnerabilities

Requires SBOM modify and Vuln view permissions. This role has full access to all products, including:

  • View vulnerabilities

  • View recommended Windows KB patches for vulnerabilities

  • View full Dashboard

  • Export all FDA-ready reports

View SBOMs and modify vulnerabilities

Requires SBOM modify and Vuln modify permissions. This role has full access to all products, including:

  • View vulnerabilities

  • View recommended Windows KB patches for vulnerabilities

  • View full Dashboard

  • Export all FDA-ready reports

View SBOMs and vulnerabilities

Requires SBOM view and Vuln view permissions. This role can:

  • View products and SBOMs

  • View suggested matches for components

  • View full Dashboard

  • Export all FDA-ready reports

Modify SBOMs only

Requires SBOM modify and Vuln none permissions. This role has full access to all products, and can:

  • View product information on Dashboard

  • Export these FDA-ready reports: SBOM in JSON, SBOM in CSV

Modify vulnerabilities only

Requires SBOM none and Vuln modify permissions. This role has full access to all vulnerabilities, and can:

  • View vulnerability information on Dashboard

  • Export these FDA-ready reports: VEX, vulnerabilities CSV

This role cannot apply Windows KB patches to vulnerabilities.

View SBOMs only

Requires SBOM view and Vuln none permissions. This role can:

  • View products and SBOMs

  • View suggested matches for components

  • View product information on Dashboard

  • Export these FDA-ready reports: SBOM in JSON, SBOM in CSV, VDR

View vulnerabilities only

Requires SBOM none and Vuln view permissions. This role can view all vulnerabilities, and can:

  • View recommended Windows KB patches to resolve vulnerabilities

  • View vulnerability information on Dashboard

  • Export these FDA-ready reports: VEX, vulnerabilities CSV

Change user role

Modify user product access permissions

After creating a team member with the User role, you can set the appropriate product permissions for this user. Users can be given view or edit access to the SBOM and Vulnerabilities information for selected products. In the Manage users tab, click the edit icon next to the user you want to modify.

  1. Change the role (Org role type) to Admin or User. This change will take place immediately as soon as you change the role value.

  2. If you want the user to have edit permissions for vulnerabilities, select Modify in the Vuln role column. This means that they will be able to: resolve a vulnerability by changing its Product impact status. If you only want them to be able to view vulnerabilities, select View.

  3. Click Save.

An Admin can change the role of any other admin, but cannot change their own role. If you change an Admin to a User, you’ll then be able to set that user’s permissions to view and modify SBOMs, Vulnerabilities, which will impact what they will see on the home page.

Click the tab, then click the edit icon next to the product that you want to add or modify user permissions to access.

If you want the user to have edit permissions for the SBOM, select Modify in the SBOM role column. This means that they will be able to: modify existing SBOM components for any product and version, manually add new components to any product and version, upload new SBOMs, running a Windows operating system or to the , select possible matches and create aliases for Multiple matches or Not found statuses, and add review notes for any component. If you only want them to be able to view SBOM information, select View.

Dashboard
Manage products
Contact us
Contact us
User roles
apply KBs to products
corresponding vulnerabilities