Roles & Permissions
Roles and permissions limit user access to data in your organization's account.
User Roles
When adding a user to your organization's account, there are 6 roles you can assign them to limit their access to functionality and viewing information about targets in the system. These roles are:
Administrator - Full control of the account, users, and billing
Power User - Full target management
User - Access findings
Viewer - View reports and update/assign workflows
Marketing - Access Certification data
Billing - Manage payment information and subscriptions
Permissions
Assigned roles have permission to perform the following actions in your organization's account:
Manage Users
Add or remove users from the account and edit user details.
Administrator
Manage Billing
Update or edit payment information. Create or cancel subscriptions.
Administrator Billing
Manage Targets
Add or remove targets. Assign licenses to targets.
Administrator *Power User
Connectors
Manage integrations with third-party services.
Administrator Power User
Manage Exceptions
Create and manage exceptions.
Administrator *Power User *User
Manage Workflows
Assign or update the status of workflows.
Administrator *Power User *User *Viewer
Acknowledge Hosts
Acknowledge and un-acknowledge connected hosts.
Administrator *Power User *User
Start Scan Begin scans.
Administrator *Power User *User
View Reports
View and download reports.
Administrator Power User User Viewer
Discovery
View Discovery.
Administrator *Power User *User *Viewer
Certification
Manage all certification settings, including adding new sites.
Administrator Power User User Viewer Marketing
Breach Insurance
Manage and view Breach Insurance information.
Administrator Power User User Viewer Marketing
Search Submission
Start crawls, manage settings, and view Search Submission results.
Administrator Power User User Viewer Marketing
Diagnostics Start crawls, manage settings, and view and hide Diagnostics results.
Administrator Power User User Viewer Marketing
Security Target Access
Security Target Access lets you limit users to only accessing certain targets. Users can have tags set that allow them to access only targets with those tags in all sections of the application including Targets, Firewalls, Websites, Issues, and Events.
Security Target Access tags can be assigned when creating a user, and multiple tags can be selected. If you later wish to change a user's tags, you can do so by clicking their name in the User panel and going to Permissions.
For Discovery permissions, users with the Power User, User, and Viewer roles will be limited by their Security Target Access settings. If a tag is set, they will have no access to the Discovery portion of the application.
Last updated