# Security Analyst Role

The Security Analyst role allows users to view Dashboard, generate reports from Dashboards, view DLP violations, view exfiltration and posture management events, and view detectors. 

The Nightfall app view for a user with this role is as shown in the following image. 

<figure><img src="/files/Ow2yNbaVROkODtNJ5Ffc" alt=""><figcaption></figcaption></figure>

## Permissions Associated with Security Analyst Role

A user with Security Analyst Role has the following permissions

### View Dashboard and Create Reports

With the **Dashboard** and **Reportin**g permissions, users to view data on the Dashboard, apply filters to the dashboard data, and also generate reports from the Dashboard data.&#x20;

<figure><img src="/files/bMMgXb1OLWL3AFGuG27q" alt=""><figcaption></figcaption></figure>

### Take Actions on DLP Violations

With the **DLP Violations** permission, users can take appropriate actions on the DLP violations. They can also share the violation data and export it as a CSV file.&#x20;

<figure><img src="/files/JmunLCSigDelr0BzRRYm" alt=""><figcaption></figcaption></figure>

### Preview the DLP Violations Content

With the **Content Preview** permission, users can preview the content of the DLP Violations page. The sensitive data is redacted. Also, Security analysts cannot download the file containing sensitive data (even if the download button is active).

<figure><img src="/files/1GLb1tbC6mdV93ZpcWAp" alt="" width="375"><figcaption></figcaption></figure>

{% hint style="info" %}
The main point of difference between the Security analyst role and the Security events manager role is that users with the Security analyst role can view redacted content of DLP violations page. However, content is not redacted for users with the Security Events manager role. &#x20;
{% endhint %}

### Exfiltration/Posture Management and Encryption Events

With the **Exfiltration** permission, users can filter event data, share event data, view historic events data, and  take actions on Posture management, Exfiltration, and encryption events.&#x20;

<figure><img src="/files/SSMHhYMaed3irWQ8ErGG" alt=""><figcaption></figcaption></figure>

### View Detectors

With the **Detectors** permission, users can view all the detectors, view detectors that belong to a specific category, filter the list of detectors, search a detector, and copy the UUID of a detector.&#x20;

<figure><img src="/files/bQMDEZWqVZamEjb7yPky" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.nightfall.ai/nightfall_settings/role_based_access_control/security_analyst.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.