Configuring User Permissions in Acunetix 360
Acunetix 360 is an online multi-user web application security solution.
You can have an Acunetix 360 user for every team member. You can create as many new users as you need – there is no limit. Adding all your developers, quality analysts and other team members to Acunetix 360 helps you ensure that everyone who is involved in the development and upkeep of your web applications can act in a correlated manner. They can then do what is required to protect the long-term security of your web applications, which includes addressing all vulnerabilities quickly.
From the Team window, Account Owners and Account Administrators can invite new team members and configure their permissions, including for website groups.
For further information, see User Permissions Matrix in Acunetix 360.
New Team Member Permissions Fields
This table lists and explains the fields in the New Team Member window.
Select to give users access to API settings.
Select to give users permission to manage all other team members and their permissions. An Account Administrator also has permission to manage scans, reporting, settings, policies and issues.
Select to give users permission to add/update the website, manage website groups and list usernames.
Select to give users the same permission as Manage Issues. In addition, they have permission to start scans, manage scheduled scans, and manage scan policies.
View Scan Reports
Select to give users the same permission as Manage Issues, except they cannot update issues.
Select to give users permission to view dashboards and scan reports, list usernames and scans, create reports, and view and update issues.
Manage Issues (Restricted)
Select to give users permission to view scan reports and manage issues (as with Manage Issues), except they cannot update the status of addressed issues as Accepted Risk or False Positive.
How to Configure User Permissions in Acunetix 360
- From the main menu, select Team, then New Team Member.
- Complete the Name, Email and Phone Number fields.
- In the Access Type section, enable the relevant option.
- In the Account Permissions section, enable the relevant options. (For further information, see User Permissions Matrix).
- In the Scan Permissions section, enable the relevant options.
- If you are not allocating the user Administrator permission, you will also need to specify which Website Groups they can control.
- Click Send Invitation.