The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter describes how to manage organizations and users in Threat Grid. It includes the following topics:
Threat Grid is installed on the Threat Grid Appliance with a default organization and Admin user. Once the set up and the network configuration is completed, you can create additional organization and user accounts, so users can log in and begin submitting malware samples for analysis.
Adding organizations, users, and administrators may require planning and coordination among multiple users and teams, depending on your organization.
Users are always affiliated with an organization; before you can add users, you must first create the organization so you can add them to it.
 Important |
You cannot delete an organization from this interface once it has been created so plan this task carefully. |
|
Step 1 |
Log into the Threat Grid portal as Admin. |
|
Step 2 |
Click the Administration menu and choose Manage Organization. The Organizations page opens shows all the organizations on the appliance. |
|
Step 3 |
Click New Organization in the upper-right corner of the page to open the New Organization dialog. |
|
Step 4 |
Complete the following information:
|
|
Step 5 |
Click Submit. The new organization is created and is now visible in the list of Organizations. |
|
Step 6 |
Edit the newly created organization and complete the following information:
Once the organization is created, the Admin or Organization Admin can manage it (see Managing Organizations in the online Help. |
For instructions and documentation on creating and managing user accounts, including how to add users, see the Threat Grid Portal UI online help:
In the navigation bar, click Help > Using Threat Grid Online Help > Managing Threat Grid Users.
Note |
Users can only be removed via the API, and only if they have not submitted samples. Managing device user accounts for integrating Email Security Appliances, Web Security Appliances, and other devices is described in Activate New Device User Account. |
When the Cisco Email Security Appliance, Web Security Appliance, or other Cisco Sandbox API integration connects and registers itself with a Threat Grid Appliance, a new Threat Grid user account is automatically created. The initial status of the user account is de-activated. The device user account must be manually activated by a Threat Grid Appliance administrator before it can be used for submitting malware samples for analysis.
|
Step 1 |
Log into the Threat Grid Portal UI as Admin. |
|
Step 2 |
Click the Administration menu and choose Manage Users. |
|
Step 3 |
Locate the device user account and open the User Details page. The user status is currently de-activated. 
|
|
Step 4 |
Click Re-Activate User. |
|
Step 5 |
On the confirmation dialog, click Re-Activate User to confirm the action. The integrating appliance or device can now communicate with the Threat Grid Appliance. |
Feedback