Manage users
If you have the role of Admin in Helm, you’ll see an Administration icon on the sidebar. You can manage both your users and your products from here.
Contact us if you need SSO support.
You can view all users and their current permissions, indicated by their role. You can also find a particular user by searching on their name.
How do I add new users?
You can't currently add new users in Administration. Contact us to get them added for you!
Administration columns
Username: This is the user’s full name, followed by a role token that indicates their permission level. It cannot be changed by the user or admin. Helm has the following roles:
Admin: This user has access to everything in Helm, including products. If you do not want a user to have access to all products, make them a user, then edit their permissions for the appropriate products. Only Administrators can create aliases to link software in their SBOM to known software in the NVD. An admin may not change their own role, but they can change the role of other admins.
User: This user only has the permissions one of the Admins has specified, as detailed in User roles below.
Email: This is the user’s email address. It cannot be changed by the user or admin.
Actions: Click the edit icon to modify the user’s role.
User roles
You can assign users full privileges as Admins, or you can configure their permissions to view and modify your SBOM and vulnerabilities using these roles and permissions. You can set the SBOM role and Vuln role to combine permissions across SBOMs and vulnerabilities.
Admin role
This role has full access to all products and vulnerabilities in the organization and is the only role that can:
Manage users
Create and remove products
Create and remove aliases (permanent links to known software)
User role permissions
Users can be granted permissions to view or modify SBOMs and vulnerabilities.
Modify SBOMs and vulnerabilities:
Requires SBOM modify and Vuln modify permissions. This role has full access to all products and vulnerabilities.
Modify SBOMs and view vulnerabilities
Requires SBOM modify and Vuln view permissions. This role has full access to all products, including:
View vulnerabilities
View recommended Windows KB patches for vulnerabilities
View full Dashboard
Export all FDA-ready reports
View SBOMs and modify vulnerabilities
Requires SBOM modify and Vuln modify permissions. This role has full access to all products, including:
View vulnerabilities
View recommended Windows KB patches for vulnerabilities
View full Dashboard
Export all FDA-ready reports
View SBOMs and vulnerabilities
Requires SBOM view and Vuln view permissions. This role can:
View products and SBOMs
View suggested matches for dependency components
View full Dashboard
Export all FDA-ready reports
Modify SBOMs only
Requires SBOM modify and Vuln none permissions. This role has full access to all products, and can:
View product information on Dashboard
Export these FDA-ready reports: SBOM in JSON, SBOM in CSV
Modify vulnerabilities only
Requires SBOM none and Vuln modify permissions. This role has full access to all vulnerabilities, and can:
View vulnerability information on Dashboard
Export these FDA-ready reports: VEX, vulnerabilities CSV
This role cannot apply Windows KB patches to vulnerabilities.
View SBOMs only
Requires SBOM view and Vuln none permissions. This role can:
View products and SBOMs
View suggested matches for dependency components
View product information on Dashboard
Export these FDA-ready reports: SBOM in JSON, SBOM in CSV, VDR
View vulnerabilities only
Requires SBOM none and Vuln view permissions. This role can view all vulnerabilities, and can:
View recommended Windows KB patches to resolve vulnerabilities
View vulnerability information on Dashboard
Export these FDA-ready reports: VEX, vulnerabilities CSV
Change user role
An Admin can change the role of any other admin, but cannot change their own role. If you change an Admin to a User, you’ll then be able to set that user’s permissions to view and modify SBOMs, Vulnerabilities, which will impact what they will see on the Dashboard home page.
Modify user product access permissions
After creating a team member with the User role, you can set the appropriate product permissions for this user. Users can be given view or edit access to the SBOM and Vulnerabilities information for selected products. In the Manage users tab, click the edit icon next to the user you want to modify.
Change the role (Org role type) to Admin or User. This change will take place immediately as soon as you change the role value.
Click the Manage products tab, then click the edit icon next to the product that you want to add or modify user permissions to access.
If you want the user to have edit permissions for the SBOM, select Modify in the SBOM role column. This means that they will be able to: modify existing SBOM dependency components for any product and version, manually add new dependency components to any product and version, upload new SBOMs, apply KBs to products running a Windows operating system or to the corresponding vulnerabilities, select possible matches and create aliases for Multiple matches or Not found statuses, and add review notes for any dependency component. If you only want them to be able to view SBOM information, select View.
If you want the user to have edit permissions for vulnerabilities, select Modify in the Vuln role column. This means that they will be able to: resolve a vulnerability by changing its Product impact status. If you only want them to be able to view vulnerabilities, select View.
Click Save.
Last updated