Adding SOAR MSSP analysts

Add SOAR MSSP analysts to the Standard accounts where they work on cases. You can also add SOAR MSSP analysts to the Provider account if they need to view cases from multiple Standard accounts in a single dashboard in the Provider account.

Before you begin

To add users, you must have Admin permissions in the Provider account.

About this task

Determine the access that you want to provide to the SOAR MSSP analysts. There are two relevant SOAR MSSP analyst persona:

SOAR MSSP analysts who are members of the Provider account and Standard accounts. These users need to view cases from multiple Standard accounts in a single dashboard. You can configure these users' permissions by creating roles and assigning them roles.
SOAR MSSP analysts who are members of one or more Standard accounts without access to the Provider account. These users work only in Standard accounts and do not require access to the Provider account.

Procedure

Go to the Provider account or Standard account to which you want to add the user.
Click User management > Add user and search for the user by name or email address and then select the user.
From the Administration and Application and services sections, assign access to the IBM Security QRadar Suite and applications as required. You must assign access to Case Management, and depending on their role, to Orchestration & Automation.
When you are finished, click Add user.
For users that you are adding to the Provider account, go to Application settings > Case Management > Permissions and access > Users and click Refresh user list to add users to the Provider account for SOAR. You can now add the user to groups on the Provider account so that they have appropriate roles.
For users that you are adding only to a Standard account, from the Standard account, go to Application settings > Case Management > Permissions and access > Users and click Refresh user list to add the users to SOAR on the Standard account. You can now add the user to groups on the Standard account so that they have permissions for the Standard account.

What to do next

For users that you added to Standard accounts only, you can define their permissions as described in Configuring permissions for users in Standard accounts only.
By default, users added to the Provider account and Standard accounts have the same permissions in the Provider account and Standard accounts. To configure and assign more customized account-specific permissions, create roles and groups, and add users to groups. For more information, see Configuring permissions for users in Provider account and multiple Standard accounts.