Skip to main content
Skip table of contents

User Roles

Purpose

This document describes how to create user roles.

Introduction

The User Roles tab is used to administrate the user roles. Every user can be given one or several user roles, which determine what actions that user can perform. Multiple user roles can be assigned to one user, which allows for further customization of the user permissions.

Creating Roles


To create a user role:

  1. Click Main Menu > Settings > Manage User.

  2. In the Manage User Accounts window select User Roles tab and click + New.

  3. In the Maintaining User Role window, enter a Role Name.

    User Roles



  4. Select the various boxes to match the role being created.

  5. Click Save.

Maintaining User Role 

Option

Description

Role name

Every user role needs to have a given name to identify the role.

Read Only

The user will not be permitted to make any changes or new creations when this option is enabled.

LDAP/AD Group (HIAB only)

The LDAP/AD Group field is available if LDAP/AD is enabled on the HIAB. This user role is mapped to the defined role in LDAP/AD when the user login.

Target Management
Target Management

Option

Description

Administrate Targets/Target Groups

Allows the user to administrate targets and groups in the Manage Targets view.

Scan Scheduling
Scan Scheduling

Option

Description

Administrate Scheduling

Determines if the user can define and set up new scan schedules.

Force Target Group in Scheduling

Enforces the user to only use the already defined groups in the scheduling section. No manual targets can be entered in the targets tab.

Administrate Scanning Policies

Determines if the user can create, modify and remove scanning policies within the system.

Stop scans

If the user can administrate scan scheduling they will also be allowed to stop scans if this setting is enabled.

Reporting Tools
Reporting Tools

The Reporting Tools field gives a user permission to view the reporting tools. If not enabled, the reporting tools are not shown to the user.

Option

Description

Mark False Positives

Allow the user to mark a finding as a false positive.

Risk Management

Allow the user to mark vulnerabilities as accepted risks and/or change the risk level for a finding.

Verify scan

Allow the user to perform verification scans. No scans will be deducted from the license when using this feature.

Receive Scan Results SMS Notifications

Enable the user to receive scan results as SMS.

Remove Scan Result

Allow the user to remove reports.

Receive Scan Results by Email

Enable the user to receive reports by email.

Access Dashboard

Allow the user to see the Dashboard.

 

Compliance Scanning

Compliance Scanning is only visible if it is included in your license.

Compliance Scanning

The Compliance Scan field gives a user, permission to view the Compliance scanning module. 
If not enabled, it will not be shown to the user.

Option

Description

Create/Edit Policies

Allow the user to Create/Edit policies.

Mark Exceptions

Allow the user to mark exceptions.

Answer Question

Allow the user to answer questions.

Approve Question

Allow the user to approve questions.

Web Application Scanning

Web Application Scanning is only visible if it is included in your license.

Web Application Scanning

Option

Description

Administrate Scoping

Allow the user to administrate Scoping.

Access Reporting

Allow the user to access reporting.

Remove Scan Results

Allow the user to remove Scan results. Access Reporting needs to be selected for this role.

Scoping

Outscan only

Scoping

Option

Description

Submit scoping request

Allow the user to submit Appsec scoping requests.

PCI Management

PCI Management is only visible if PCI Compliance scan is included in your license.

PCI Management

Option

Description

Administrate Scoping

Allow the user to create, modify, or remove any scopes in this module.

Administrate Scheduling

Allow the user to start and stop PCI scans.

Access Reporting

Allow the user to view PCI reports.

Dispute Findings

If the user has Access Reporting this option allow the user to dispute findings from the report.

Managed Reports

This section is only visible if you have an Managed Reports license.

Managed Reports

Option

Description

Comment Reports

Allow users to add comments to reports.

Vulnerability Management
Vulnerability Management

Option

Description

Comment Vulnerability Database

Allow the user to create and edit comments in the vulnerability database.

User Management
User Management

Option

Description

Administrate Accounts

Allow the user to administrate accounts.

Administrate User Roles

Allow the user to administrate user roles.

Ticket Management
Ticket Management

Option

Description

Manage Tickets

Allow the user to administrate tickets.

Grant All Tickets

Give access to all internal tickets. (If Manage Tickets is selected).

 Audit Log Management
Audit Log Management

Option

Description

Read Audit Logs

The user is able to read the auditing log.

License
License

Option

Description

View License

Allow the user to view the License tab in Main Menu > Settings > Account.

HIAB Management (HIAB only)

HIAB Management only visible if it is included in your license.

HIAB Management

Option

Description

Administrate HIAB Server

Allow the user to restart the HIAB and setup HIAB settings like backup and networking.




Copyright

© 2025 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.