Managing roles in Invicti Enterprise
Invicti Enterprise allows you to create roles with preferred and secure permissions. You also have the ability to edit the roles already created.
- Invicti Enterprise helps you to safeguard your web application against malicious attacks by providing you with secure options when creating various roles for a team and members.
- You can add developers, analysts, and other people as members, assigning them different permissions so that they can coordinate and perform their roles safely.
- You can assign members to existing roles, website groups, and teams. Or, you can create a unique role so that a member with a specific task to perform in your team has the correct access.
- For example, you can decide a user that can start a web application security scan but cannot view the scan’s reports. Or, that user can view IP restrictions but cannot add or edit this restriction.
This article explains how to add a new role, edit a role, and delete a role. For further information, see Managing Members in Invicti Enterprise and Managing Teams in Invicti Enterprise.
For detailed information about the list of all permissions, see Role Permission Fields.
How to add a new role
- Log in to Invicti Enterprise.
- From the main menu, select Team > New Role.
- In the Name field, enter a name for the role.
- In the Permissions field, select permissions to add to the role.
- Select Save.
How to edit a role
- From the main menu, select Team > Manage Roles.
- Next to the relevant role, select the Edit icon (
). - In the Edit Role window, make the required changes to the role’s details, such as Name and Permissions.
- Select Save.
You cannot edit or delete built-in roles added by Invicti.
How to delete a role
- From the main menu, select Team > Manage Roles.
- Next to the relevant role, click the Delete icon. A confirmation dialog is displayed.
- In the confirmation dialog, select Delete.
Role permission fields
The list of permissions may vary according to the Invicti solution, such as On-Premises, you use.
This table lists and explains all permission fields in the New Role window.
|
Role |
Description |
|
View General Settings |
The user can view general settings. |
|
Edit General Settings |
The user can edit general settings. |
|
Delete Agent Group |
The user can delete an agent group. |
|
Add/Edit Agent Group |
The user can add and edit an agent group. |
|
View Agent Group List |
The user can see an agent group list. |
|
View Agent List |
The user can see an agent list. |
|
Manage Agent Commands |
The user can see and use agent commands. |
|
Add/Edit Agent |
The user can add and edit an agent. (This permission is required to select an agent mode on the Website page in addition to the View and Edit Website permissions.) |
|
Delete Agent |
The user can delete an agent. |
|
View Audit Logs |
The user can see audit logs. |
|
View Custom Script List |
The user can see a custom script list. |
|
Add/Edit Custom Script |
The user can add and edit a custom script. |
|
Delete Custom Script |
The user can delete a custom script. |
|
Execute Custom Script |
The user can execute custom scripts. |
|
View Discovery Settings |
The user can view the discovery settings. |
|
Edit Discovery Settings |
The user can edit the discovery settings. |
|
View Discovery List |
The user can view a discovered websites list. |
|
Edit Discovery List |
The user can edit a discovered websites list. |
|
Add/Edit Integration |
The user can add and edit an integration. |
|
Delete Integration |
The user can delete an integration. |
|
View Integration List |
The user can view the integration list. |
|
Add/Edit Integration User Mapping |
The user can add and edit user mapping for integration. |
|
Delete Integration User Mapping |
The user can delete user integration mapping. |
|
View Integration User Mapping |
The user can view user integration mapping. |
|
View Scan Report |
The user can view scan report. |
|
View IP Restrictions |
The user can view IP restrictions. |
|
Modify IP Restrictions |
The user can add/edit and enable/disable IP restrictions. |
|
View Account License |
The user can view an account license. |
|
Manage Licenses |
The user can manage account licenses. |
|
Manage Notifications |
The user can manage notifications. |
|
Manage Reporting |
The user can manage reporting. |
|
Add/Edit Report Policy |
The user can add and edit a report policy. |
|
Delete Report Policy |
The user can delete a report policy. |
|
View Report Policy |
The user can view a report policy. |
|
Add/Edit Scan Policy |
The user can add and edit a scan policy. |
|
Delete Scan Policy |
The user can delete a scan policy. |
|
View Scan Policy |
The user can view a scan policy. |
|
View Website Dashboard |
The user can view the website dashboard. |
|
Add Website |
The user can add a website. |
|
Edit Website |
The user can edit a website. |
|
Import Website |
The user can import a website. |
|
View Website List |
The user can view a website list. |
|
View Global Dashboard |
The user can view the global dashboard. |
|
Delete Website |
The user can delete a website. |
|
Delete Website Group |
The user can delete a website group. |
|
Add Website Group |
User can add website group |
|
Edit Website Group |
The user can edit a website group. |
|
View Website Group List |
The user can view a website group list. |
|
Manage Technologies |
The user can manage technologies. |
|
Manage SSO |
The user can manage Single Sign-On. |
|
Manage Settings |
The user can manage application settings. |
|
Add/Edit Scheduled Scan |
The user can add and edit a scheduled scan. |
|
Delete Scheduled Scan |
The user can delete a scheduled scan. |
|
View Scheduled Scan List |
The user can view a scheduled scan list. |
|
Add/Edit Scan |
The user can add and edit a scan. |
|
Edit Scan State |
The user can edit a scan state. |
|
Delete Scan |
The user can delete a scan. |
|
View Scan List |
The user can view a scan list. |
|
View Issue List And Detail |
The user can view an issue list and detail. |
|
Mark Issue As Fixed |
The user can mark an issue as fixed. |
|
Mark Issue As False Positive |
The user can mark an issue as a false positive. |
|
Mark Issue As Accepted Risk |
The user can mark an issue as an accepted risk. |
|
Enforce 2FA |
The user can configure Two-factor Authentication. |
|
View Team List |
The user can view a team list. |
|
Add Team |
The user can add a team. |
|
Edit Team |
The user can edit a team. |
|
Delete Team |
The user can delete a team. |
|
View Member List |
The user can view a member list. |
|
Edit Member |
The user can edit a member. |
|
Delete Member |
The user can delete a member. |
|
View Role List |
The user can view a role list. |
|
Add Role |
The user can add a role. |
|
Edit Role |
The user can edit a role. |
|
Delete Role |
The user can delete a role. |
|
Can Bypass SSO Login |
The user can bypass Single Sign-On Login (can log in with email and password). |
|
Reset Agent Token |
The user can reset the agent token. |
|
View Member Invitation List |
The user can view a member invitation list. |
|
Add Member Invitation |
The user can add a member invitation. |
|
Delete Member Invitation |
The user can delete a member invitation. |
|
View Authentication Profile List |
The user can view an authentication profile list. |
|
Add Authentication Profile |
The user can add an authentication profile. |
|
Edit Authentication Profile |
The user can edit an authentication profile. |
|
Delete Authentication Profile |
The user can delete a member invitation. |
|
Mark Issue As Fixed(Can’t Retest) |
The user can mark an issue as Fixed(Can’t retest). |
|
Manage Notifications(Account) |
The user can manage all account notifications. |
|
Can Modify Account Profile and Policies |
The user can modify the scan profile, report policy, and scan policy. |