Overview of users and roles in Acunetix
Acunetix offers role-based access control (RBAC) to manage user access. With RBAC, you limit or authorize each user's access to Acunetix based on their assigned role, so you can manage users at scale while keeping control over access levels.
- Acunetix safeguards your web application from malicious attacks by enabling you to add users and assign them specific roles in securing your application.
- You can add application security engineers, developers, analysts, and other relevant users to collaborate and fulfill their responsibilities in protecting the web application.
- With Acunetix, all involved users can coordinate seamlessly and ensure comprehensive protection of the application.
This topic provides an overview of users and roles in Acunetix. For further information about adding users and configuring roles, see Managing users.
Information: Acunetix Premium (on-premises and online) users can access this feature.
Tip: Only System Admins can add users.
The first account that is created is the System Admin (previously Platform Admin). The System Admin can create additional users, giving a role to each user and configuring which scan targets can be scanned or reported on.
These users can be given permissions on specific Target Groups, and they can create new targets, scan them, or report on the targets within the group.
Roles
When creating a user, you need to choose a role for the user.
Information: Acunetix has enhanced user roles in the latest 15.4 release. To learn more about the changes made to the roles, see Changes to roles with the 15.4 release.
Acunetix has 5 default roles. The following table shows the access level each role has for each feature:
Feature / Role | System Administrator | Platform Administrator | AppSec Admin | AppSec User | Report Viewer |
Scan Targets | Full Access | Full Access | Full Access | Read | Read |
Scan Target Groups | Full Access | Full Access | Read | Read | Read |
Scan Profiles | Full Access | Full Access | Read | Read | Read |
Issue Trackers | Full Access | Full Access | Full Access | Read | Read |
Vulnerabilities | Full Access | Full Access | Full Access | Full Access | Read |
Scans | Full Access | Full Access | Full Access | Full Access | Read |
Reports | Full Access | Full Access | Full Access | Full Access | Full Access |
System | Full Access | None | None | None | None |
WAF | Full Access | Full Access | Full Access | Read | Read |
Engines (On-Premises only) | Full Access | Read | None | None | None |
Discovery | Full Access | Full Access | Full Access | None | None |
Excluded Hours | Full Access | Full Access | Read | Read | Read |
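As an added example (not Acunetix code, and not using any Acunetix API), the following Python code transcribes the role table above and finds the least-privileged default role that covers what a user actually needs, flagging assignments that grant more than required. The user names, their needs, and the scoring of None/Read/Full Access as 0/1/2 are assumptions made for illustration.

```python
# Added example: least-privilege role selection (0/1/2 scoring is an assumption).
LEVEL = {"None": 0, "Read": 1, "Full Access": 2}
CODE = {"N": 0, "R": 1, "F": 2}  # shorthand used in MATRIX rows
ROLES = ["System Administrator", "Platform Administrator",
         "AppSec Admin", "AppSec User", "Report Viewer"]
# One letter per role, in ROLES order, transcribed from the table above.
MATRIX = {
    "Scan Targets": "FFFRR",
    "Scan Target Groups": "FFRRR",
    "Scan Profiles": "FFRRR",
    "Issue Trackers": "FFFRR",
    "Vulnerabilities": "FFFFR",
    "Scans": "FFFFR",
    "Reports": "FFFFF",
    "System": "FNNNN",
    "WAF": "FFFRR",
    "Engines (On-Premises only)": "FRNNN",
    "Discovery": "FFFNN",
    "Excluded Hours": "FFRRR",
}

def grants(role):
    """Return {feature: numeric level} for one default role."""
    i = ROLES.index(role)
    return {feat: CODE[row[i]] for feat, row in MATRIX.items()}

def weight(role):
    """Total privilege of a role: the sum of its levels over all features."""
    return sum(grants(role).values())

def least_privileged_role(needs):
    """needs: {feature: 'Read' | 'Full Access'} -> smallest covering role, or None."""
    ok = [r for r in ROLES
          if all(grants(r)[f] >= LEVEL[lvl] for f, lvl in needs.items())]
    return min(ok, key=weight) if ok else None

def audit(assignments):
    """assignments: {user: (role, needs)} -> {user: smaller role that suffices}."""
    findings = {}
    for user, (role, needs) in assignments.items():
        best = least_privileged_role(needs)
        if best is not None and weight(best) < weight(role):
            findings[user] = best
    return findings

# Constructed sample assignments (hypothetical users and needs).
SAMPLE = {"dev1": ("AppSec Admin", {"Scans": "Full Access"}),
          "auditor1": ("Report Viewer", {"Reports": "Full Access"}),
          "ops1": ("System Administrator", {"Engines (On-Premises only)": "Read"})}
```

Calling `audit(SAMPLE)` reports `dev1` and `ops1` as candidates for a smaller role; per-target-group permissions are outside what this matrix models.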
Changes to roles with the 15.4 release
Acunetix made significant improvements to user roles with the release of version 15.4.
- This update standardized the roles in line with industry standards, thereby reducing confusion around role responsibilities.
- The update introduced new roles, updated existing role names, and expanded role permissions to enhance the user experience.
For further information about the new roles, see the following table:
Old roles | New roles |
Platform Admin | System Administrator |
Technical Admin (with Access to All Targets and Allow creation of Targets) | Platform Administrator |
Technical Admin (with Access to All Targets or no access to targets) | AppSec Admin |
Tester | AppSec User |
Auditor | Report Viewer |