Our service gives users Role-Based Access Control. Users are granted access to WAS features and functions based on Roles. These Roles are a consolidation of fine grained Permissions. Managers have full rights and can configure roles and permissions using the Administration utility.
Within the Administration utility, you'll find roles and their related permissions in the Role Management section. For example the WAS Scanner role defines permissions for a Scanner user with permissions to the WAS module.
Several permissions groups are available for the WAS module including 3 groups for WAS scanning.
Permissions to Launch, Cancel, Delete WAS Scan. These permissions are specifically for running scans against declared Web Applications. These permissions are not specific to an area in the user interface, but relate only to the general action of launching, stopping, or deleting scans, as might be available in various places of the user interface.
Permissions to Create, Edit, Delete WAS Schedule. These permissions are specifically for scheduling scans against declared Web Applications. These permissions are not specific to an area in the user interface but relate to the general action of scan scheduling.
Permission to Edit Scanner Appliance. The Web Application Scanning view of the Scanner Appliances allows for configuration of the Tags that are associated with the Appliance.
How do I see a user's assigned roles and permissions? Go to the Administration utility and view/edit the user of interest.
Who has permissions to view scan results? Users who have permission to view a web application also have permission to view scan results for that web application. Learn more
Do you have Express Lite? If yes, you and other users in your subscription have full permissions. You will not need to customize permissions.