i habe a question or more something to think about.
We are creating diffrent permission sets and Roles.
The Problem we have is, that we are collection security information in one stream and other are not allowed to see this one or getting any possibilities to get such kind of informations.
So i have a role, which can not see this stream and give them a own one with edit permission.
Now they can change theire rule and add a a field, wich is collection the security information too.
Shure, i could take the edit permission away, but then they can’t define their alerts etc.
Is there a other way to handle that, that such kind of information like for security audits are save?
Or is it a security issue?
PS: Hope i explained it comprehensible