Manage Organizations

Understanding User Roles

User roles in ZeroThreat define access levels and responsibilities, ensuring secure and efficient team collaboration.

Introduction

User roles are essential for defining the scope of access and actions each user can perform within the an organization in ZeroThreat portal. By assigning roles effectively, organizations can maintain security, ensure accountability, and streamline collaboration across teams. Each role is tailored to specific levels of responsibility and access, ensuring that users only have the permissions necessary for their tasks. Let’s explore the roles available and their capabilities in detail.

User Roles

1. Owner Access

  • Full Access: The Owner role grants complete control over all features and settings within the portal.
  • Responsibilities: Owners can configure account-wide settings, manage billing details, add or remove users, and oversee all projects and scans.
  • Example: An Owner might configure ay target, update the organization's subscription plan, and assign roles to new team members.
Regularly Audit Roles
Owners should periodically review role assignments to ensure they align with current responsibilities and organizational needs.

2. Administrator Access

  • Nearly Full Access: Administrators can access almost all features, except for managing subscription plans or payment details.
  • Responsibilities: Administrators manage targets, execute scans, and review scan reports, ensuring the workflow runs smoothly without overseeing billing or subscription-related tasks.
  • Example: An Administrator could be responsible for ensuring project targets are scanned regularly and addressing vulnerabilities based on scan reports.
Restrict Privileges to Essentials
ZeroThreat advices to assign roles based on the principle of least privilege to minimize the risk of unauthorized changes or data exposure.

3. Contributor Access

  • Limited Access: Contributors focus on specific actions like executing scans and creating scan profiles for authenticated targets.
  • Responsibilities: They can start vulnerability scans on assigned targets, create login sequence profiles, and contribute to ongoing projects without managing user roles or account-wide settings.
  • Example: A Contributor might record the authentication flow for a web application and initiate a scan but won't have access to billing or user management settings.

4. Reader Access

  • View-Only Access: Readers have restricted access, allowing them to view scan results and configurations without making any changes.
  • Responsibilities: Readers analyze reports and configurations to understand vulnerabilities but cannot initiate scans or modify any settings.
  • Example: A Reader might review scan reports to identify security weaknesses but will need assistance from a Contributor or Administrator to address them.

Examples of Real-World Use

  • Owner and Administrators: The Owner of an organization might delegate day-to-day management of scan operations to Administrators while retaining control over billing and subscription.
  • Contributors and Readers: In a development team, Contributors handle scan executions and report creation, while Readers like team leads or clients review the findings for decision-making.

Understood about User Roles? Now head over to Add User guide to add a user to your organization.