Manage users

Users are created using the VM or PC module. Non-Manager users (Scanners, Readers, Unit Managers) must be granted permission to access the WAS application and the web applications in the subscription. A Manager (or user with the Edit User permission) can do this using the Administration utility.

How do I grant users access to the UI and API?

A new Scanner, Reader or Unit Manager may or may not have access to interfaces (i.e. UI, API). A Manager (or user with the Edit User permission) can change this using the Administration utility. Just edit the user's account and add access permissions for the user.

UI and API access options in Permissions pane when you create a role.

How do I allow users to scan and report on web applications in my account?

A new Scanner, Reader or Unit Manager will not have access to web applications. A Manager (or user with the Edit User permission) can change this using the Administration utility. Just edit the user's account and add web application tags to their scope. The user will be able to access any web application with a tag matching one of the user's scope tags.

List of various permissions for web assets in WAS.

Tell me about WAS Permissions

Our service gives users Role-Based Access Control. Users are granted access to WAS features and functions based on Roles. These Roles are a consolidation of fine grained Permissions. Managers have full rights and can configure roles and permissions using the Administration utility.

Web Application Permissions | Scan Permissions | Authentication Permissions | Configuration Permissions | Burp Permissions | Report Permissions | Remediation Permissions