RBAC – At the heart of the Nucleaus Core platform design is a multi-tenant model built on a matrix of vertical and horizontal role-based access control. The vertical roles are “Enterprise Admin”, “Team Admin” and “User”; the horizontal roles are “Audit” and “Global View”. The Enterprise Admin (EA) has complete control over the tenant. Like Google, Nucleaus lets an EA switch between multiple tenants if they have been granted access to them. A Team Admin has complete control over the teams that the EA has created and assigned to them. Users can only view data within the teams they are assigned to. The horizontal roles cut across all teams: the Audit role supports risk-management functions such as approving exceptions (marking a finding a false positive or an accepted risk), and the Global View role gives complete read visibility across the tenant, as a CISO would need. This model provides flexibility without great implementation complexity.
Token Management – API interactions are more commonplace in today’s environments than ever. To make API tokens easier to use, the Nucleaus Platform has a section for managing them. A token created there carries exactly the permissions that have been granted to the user who creates it, and no more. For example, if a Team Admin for teams X and Y creates an API token, API calls made with that token return only data for those two teams. Because a token inherits its creator’s scope, it should be handled as a credential of the same sensitivity as that user’s own login.
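The role matrix and the creator-scoped API tokens described above, as an added worked example in Python (illustrative code written for this page, not Nucleaus’s own; the class and function names, the tenant “acme”, the teams and the findings are constructed assumptions). It shows a vertical role deciding which teams are visible or manageable, a horizontal role granting cross-team audit or global-view rights, and a token that snapshots its creator’s grants so that a query through the token is filtered to the same teams.

```python
"""Added example of a vertical/horizontal RBAC matrix with creator-scoped API tokens.
Not Nucleaus code; all names and sample data below are assumptions."""
from dataclasses import dataclass
from enum import Enum


class Vertical(Enum):
    """Vertical roles: how much of one tenant a principal controls."""
    ENTERPRISE_ADMIN = "enterprise_admin"
    TEAM_ADMIN = "team_admin"
    USER = "user"


class Horizontal(Enum):
    """Horizontal roles: cut across every team in the tenant."""
    AUDIT = "audit"
    GLOBAL_VIEW = "global_view"


@dataclass(frozen=True)
class Grant:
    tenant: str
    vertical: Vertical
    teams: frozenset = frozenset()       # teams assigned by the EA; unused for an EA grant
    horizontal: frozenset = frozenset()  # subset of Horizontal


@dataclass(frozen=True)
class Principal:
    name: str
    grants: tuple  # one Grant per tenant the principal may switch into


def _grant_for(grants, tenant):
    """A principal with no grant for a tenant has no access to it at all."""
    return next((g for g in grants if g.tenant == tenant), None)


def visible_teams(grants, tenant, all_teams):
    """Teams whose data may be viewed: all of them for an EA or Global View, else assigned teams."""
    g = _grant_for(grants, tenant)
    if g is None:
        return set()
    if g.vertical is Vertical.ENTERPRISE_ADMIN or Horizontal.GLOBAL_VIEW in g.horizontal:
        return set(all_teams)
    return set(g.teams) & set(all_teams)


def can_manage_team(grants, tenant, team):
    """Management is vertical only: EA everywhere, Team Admin on assigned teams, User nowhere."""
    g = _grant_for(grants, tenant)
    if g is None:
        return False
    if g.vertical is Vertical.ENTERPRISE_ADMIN:
        return True
    return g.vertical is Vertical.TEAM_ADMIN and team in g.teams


def can_approve_exception(grants, tenant):
    """Accepting a false positive or accepted risk is the horizontal Audit role, across all teams."""
    g = _grant_for(grants, tenant)
    return g is not None and Horizontal.AUDIT in g.horizontal


@dataclass(frozen=True)
class ApiToken:
    token_id: str
    owner: str
    grants: tuple  # snapshot of the creator's grants at issue time


def issue_token(principal, token_id):
    """A token carries exactly its creator's grants, never more."""
    return ApiToken(token_id, principal.name, principal.grants)


def query_findings(token, tenant, findings, all_teams):
    """Filter findings to the teams the token's owner could view in this tenant."""
    allowed = visible_teams(token.grants, tenant, all_teams)
    return [f for f in findings if f["tenant"] == tenant and f["team"] in allowed]


# Constructed sample data: tenant "acme" with three teams and one finding per team.
TEAMS = {"acme": {"x", "y", "z"}}
FINDINGS = [
    {"id": 1, "tenant": "acme", "team": "x", "title": "outdated openssl"},
    {"id": 2, "tenant": "acme", "team": "y", "title": "weak TLS config"},
    {"id": 3, "tenant": "acme", "team": "z", "title": "exposed debug port"},
]

EA = Principal("ea", (Grant("acme", Vertical.ENTERPRISE_ADMIN),))
TEAM_ADMIN_XY = Principal("tadmin", (Grant("acme", Vertical.TEAM_ADMIN, frozenset({"x", "y"})),))
AUDITOR = Principal("auditor", (Grant("acme", Vertical.USER, frozenset({"x"}), frozenset({Horizontal.AUDIT})),))
CISO = Principal("ciso", (Grant("acme", Vertical.USER, frozenset(), frozenset({Horizontal.GLOBAL_VIEW})),))

if __name__ == "__main__":
    tok = issue_token(TEAM_ADMIN_XY, "tok-1")
    print([f["id"] for f in query_findings(tok, "acme", FINDINGS, TEAMS["acme"])])  # [1, 2]
```

The token for the X/Y Team Admin returns findings 1 and 2 only; the EA and the Global View CISO see all three, the CISO can view but not manage, and the auditor can approve exceptions while the Team Admin cannot. A grant for a tenant the principal was never assigned to yields an empty set rather than an error, which is the safe default.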
SSO – The Nucleaus platform supports SAML integration for single sign-on (SSO). Nucleaus uses Auth0 as its identity provider, but it interfaces easily with other providers such as Duo, PingID and Okta through SAML. The SAML integration is domain based: every user in the domain can sign in to the platform through SSO, provided they have been granted permission to use Nucleaus.