Default roles

This document is for: Invicti Platform

Invicti is a multi-user system that utilizes role-based access control (RBAC) to effectively manage user permissions. This allows you to control and restrict access by assigning specific roles to users based on their responsibilities.

The first account created is the Owner, who has the authority to add new users, assign roles, and configure which scan targets can be accessed for scanning or reporting. For more information about adding users and configuring custom roles, refer to the "Edit, delete, or disable users" and "Create and manage roles" documents.

This document provides an overview of default roles in Invicti Platform.

Default roles

A role is a set of permissions that administrators assign to users or user groups. When adding a new user, you must select an appropriate role. The Invicti Platform offers five default roles.

New users can be added by Owners and Admins.

The table below outlines the default roles and their respective responsibilities.

Permission | Description | Owner | Administrator | Security Manager | Security Analyst | Viewer

Root: System + extra super permission such as global password policy, creation of APIs, organizations ☑️
System: Organization & licensing details, read/configure SSO & system settings
Subscription: Read licensing information
Users: Manage RBAC (users, teams, roles, memberships, permissions)
Audit Logs: Read audit logs ✔️ ✔️
Excluded Hours: Excluded hours ✔️ ✔️ ✔️
Scan Profiles: Scanning profiles ✔️ ✔️ ✔️
Collections*: Inventory Collections ✔️ ✔️
Integrations: All integrations ✔️ ✔️
Automations: All automations ✔️ ✔️
Agents: DAST Worker management ✔️
Scans*: Scans and headless scans (MegaDAST) ✔️
Applications*: Inventory Applications ✔️
Assets*: Inventory assets, targets and external targets ✔️
Vulnerabilities*: Vulnerabilities ✔️
Website Discovery*: Website discovery feature ✔️
API Security*: API Security ✔️
Reports*: Report generation and management

Each permission exists as:

  • ✅ Full
  • ✔️ View only
  • ☑️ Root Organization Only

* Permissions are affected by Collections (if restricted)

