Manage Your Users

How do I view my account info?

Why should I use business units?

How do I check account activity?

Can I move users across business units?

How do I assign asset groups to a user?

How do I prevent a user from logging in?

How do I grant a user permissions?

How do I make an inactive account active again?

What happens after adding a new user?

How do I delete a user?

What if the user doesn't receive login credentials?

Tell me about the primary contact

How do I change a user's password?

Can I change contact info in email notifications?

Tell me about password security settings

Tell me about the activity log

Add secret questions for password reset

 


How do I view my account info?

Go to Help > Account Info. You'll see general information about your account configuration and privileges, a summary of recent and scheduled maps and scans in your account, and a list of scanner appliances in your account.

How do I check account activity?

Select Account Activity below your user name (in the top, right corner). The Account Activity page can help you identify unusual or unauthorized account access. You’ll also have the ability to sign out of other active sessions. We’ll show you when each session was created and the IP address from which the session was established.

If you’re a Manager, you can view account activity for other users by selecting Info or Edit for any user in the users list.

Show me an example

How do I assign asset groups to a user?

Go to the Asset Groups section. Assigned asset groups identify IP addresses the user can scan, domains the user can map, and scanner appliances the user can use for scanning the internal network.

Which asset groups can I assign to the user?

Tell me about the "All" group

Can I create a user without asset groups?

How do I grant a user permissions?

You start by assigning the user a role which comes with a basic set of permissions, for example the role Scanner allows the user to launch scans and the role Reader allows the user to create reports. Then you can give individual users additional permissions like the ability to create authentication records and add assets. You do this by editing the user's account. The permissions available to each user depend on the user's role. See User Roles and Permissions.

What happens after adding a new user?

When you create a new user, the user appears on the user accounts list with a status of "Pending Activation". The user will automatically receive a registration email with a secure one-time-only link to the credentials for their new account and login instructions. The registration email is sent to the email address defined in the user's account. The user's status changes to "Active" after logging in for the first time. (Note that users with a "Contact" user role do not receive login credentials, and cannot log in to the application.)

What if the user doesn't receive an email with login credentials?

If the new user does not receive the registration email (perhaps because it was sent to an incorrect email address), then any Manager in the account or Unit Manager in the user's business unit (if applicable) can request new login credentials to be sent to the user. First edit the user's account and correct the email address. Then edit the user's account and go to the Password section (under Options) and follow the online prompts to change the password. The user will receive an email with new login credentials.

How do I change a user's password?

A Manager can change the password for any user in the subscription. A Unit Manager can do this for users in their business unit. Edit the user, go to Security and click Change to generate a new password. An email will be sent to the user with new login credentials. Important: If the subscription has only one Manager, and that user's password is lost, contact Support.

Note: You can use these special characters while creating user-defined password: ( ) ` ~ ! @ # $ % ^ & * - + = | \ { } [ ] : ; " ' < > , . ? /.

Tell me about password security settings

Go to Users > Setup > Security to set advanced password security settings. For example, allow users to define their own passwords, set password expiration, set the number failed login attempts that lock a user's account. Your settings will apply to all user accounts in the subscription.

Add secret questions for password reset

Edit your own user account and go to the Security section. Then choose and answer three secret questions (answers are case-sensitive). Make sure your answers are private, memorable and do not change over time. We'll use this information to help you reset your password if you forget it.

Why should I use business units?

Creating business units (Users > Business Units) lets you configure user access to assets to match your organization's policies and procedures. For example, if you have a group of users in the US and another in the EU, you can create a business unit for each group. Assign the US users and the assets they manage to US business unit and assign the EU users and their assets to the EU business unit. (Business units are not available to Express Lite users)

Tell me about business unit IP allocation

Can I move a user across business units?

Yes. In an enterprise setting with multiple users and business units, you may at times need to move users from one business unit to another. You can do this by editing the business unit or an individual user. A workflow is provided to assist you with transferring the user's personal configurations and asset groups to their new business unit.

What happens to the user's configurations and asset groups?

How do I prevent a user from logging in temporarily?

Edit the user's account, go to User Status and select the "Deactivate this user" check box. (Note - this option only appears when a Manager is editing a user account.) Once deactivated, the user will not be able to log in to the cloud platform.

What happens to the user's stuff? Any schedules owned by the user will be deactivated at the next scheduled launch time. You can prevent this by reassigning the schedules to an active user. Other account settings (such as option profiles, asset groups and reports) will not be affected.

You cannot deactivate the primary contact

Deactivating a Contact user

How do I make an inactive account active again?

You can re-activate a user's account - allowing the user to once again log in - by editing the user's account and clearing the "Deactivate this user" check box. This may be necessary if the user is locked out of his account because of too many failed login attempts.

How do I delete a user?

Go to the Users list, identify the user account you want to remove and choose Delete from the Quick Actions menu. You'll have the option to save the user's map and scan results and transfer user configurations to another user in the subscription so they remain available to other users. Just follow the online prompts during the delete workflow.

Learn more about what gets deleted

Who has permission to delete users?

What happens to Manager owned objects?

Tell me about the primary contact

There is one primary contact for the subscription and one primary contact for each business unit. You'll see an asterisk (*) next to the name of each primary contact on the Users list. Go to Help > Account Info to escalate support issues to your contact. Want to change the primary contact? Go to Users > Setup > Primary Contact (Managers and Unit Managers).

Can I change contact info in email notifications?

The primary contact is shown in email notifications by default. You can provide another user to appear in scan email notifications. Learn more about email contacts

Tell me about the activity log

The Activity Log is a list of user actions like when a user logged in, launched a scan, edited an asset group, and so on. Managers see all user actions. Unit Managers see actions performed by users in their business unit. Scanners and Readers see their own actions only. Go to Users > Activity Log.

Want to find API logs? From Users > Activity Log, choose the Search option above the data list, and enter "API" in the Details search field. You'll get a list of recorded API activities. The User IP column shows the IP address from which the connection was established.