© 2021 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.
This document describes how to create user roles.
The User Roles tab is used to administrate user roles. Every user can be given one or several user roles, which determine what actions that user can perform. Assigning multiple user roles to one user allows for further customization of the user's permissions.
To create a user role:
- Click Main Menu > Settings > Manage User.
- In the Manage User Accounts window, select the User Roles tab and click + New.
- In the Maintaining User Role window, enter a Role Name.
- Select the various boxes to match the role being created.
- Click Save.
Maintaining User Role
Every user role needs to have a given name to identify the role.
The user will not be permitted to make any changes or create anything new when this option is enabled.
LDAP/AD Group (HIAB only)
The LDAP/AD Group field is available if LDAP/AD is enabled on the HIAB. This user role is mapped to the defined role in LDAP/AD when the user logs in.
Administrate Targets/Target Groups
Allows the user to administrate targets and groups in the Manage Targets view.
Determines if the user can define and set up new scan schedules.
Force Target Group in Scheduling
Forces the user to use only the already defined groups in the scheduling section. No manual targets can be entered in the targets tab.
Administrate Scanning Policies
Determines if the user can create, modify and remove scanning policies within the system.
If the user can administrate scan scheduling, he/she will also be allowed to stop scans if this setting is enabled.
The Reporting Tools field gives a user permission to view the reporting tools. If not enabled, the reporting tools are not shown to the user.
Mark False Positives
Allow the user to mark a finding as a false positive.
Allow the user to mark vulnerabilities as accepted risks and/or change the risk level for a finding.
Allow the user to perform verification scans. No scans will be deducted from the license when using this feature.
Receive Scan Results SMS Notifications
Enable the user to receive scan results as SMS.
Remove Scan Result
Allow the user to remove reports.
Receive Scan Results by Email
Enable the user to receive reports by email.
Allow the user to see the Dashboard.
Compliance Scanning is only visible if it is included in your license.
The Compliance Scan field gives a user permission to view the Compliance scanning module.
If not enabled, it will not be shown to the user.
Allow the user to Create/Edit policies.
Allow the user to mark exceptions.
Allow the user to answer questions.
Allow the user to approve questions.
Web Application Scanning
Web Application Scanning is only visible if it is included in your license.
Administrate Scoping
Allow user to administrate Scoping.
Access Reporting
Allow user to access reporting.
Remove Scan Results
Allow user to remove Scan results. Access Reporting needs to be selected for this role.
This section is only visible if you have an Appsec license.
Grants access to the Appsec module for the sub user.
This section is only visible if you have a SWAT license.
Allows the user role to comment on findings.
Allows the user role to submit verification requests.
Allows the user role to discuss findings with Outpost24 support.
Allows the user role to change risk levels and mark findings as accepted risks.
Submit scoping request
Allows the user role to submit Appsec scoping requests.
PCI Management is only visible if PCI Compliance scan is included in your license.
Allow the user to create, modify, or remove any scopes in this module.
Allow the user to start and stop PCI scans.
Allow the user to view PCI reports.
If the user has Access Reporting, this option allows the user to dispute findings from the report.
This section is only visible if you have a Managed Reports license.
Allow users to add comments to reports.
Comment Vulnerability Database
Allow the user to create and edit comments in the vulnerability database.
Allow the user to administrate accounts.
Administrate User Roles
Allow the user to administrate user roles.
Allow the user to administrate tickets.
Grant All Tickets
Give access to all internal tickets (if Manage Tickets is selected).
Audit Log Management
Read Audit Logs
The user is able to read the auditing log.
Allow the user to view the License tab in Main Menu > Settings > Account.
HIAB Management (HIAB only)
HIAB Management is only visible if it is included in your license.
Administrate HIAB Server
Allow the user to restart the HIAB and set up HIAB settings such as backup and networking.