User Roles and Permissions
Learn about the user roles and associated permissions.
Depending on their role, a user can collaborate at the pentest or organization level.
Pentest Level | Organization Level |
---|---|
A Pentest Team Member: | An Organization Owner has the highest level of access and can: |
Refer to the table below for a detailed list of permissions and privileges for each role. Some permissions depend on the PtaaS tier of your organization.
Permission | Pentest Team Member | Organization Member | Organization Owner |
---|---|---|---|
View and edit pentest details | ✔️ | ✔️ | ✔️ |
View pentest activity updates and pentester updates | ✔️ | ✔️ | ✔️ |
View and manage pentest findings | ✔️ | ✔️ | ✔️ |
Invite Pentest Team Members to a specific pentest and remove them | ✔️ | ✔️ | ✔️ |
Create and manage Cobalt API tokens | ✔️ | ✔️ | ✔️ |
Manage integrations for a specific pentest: Jira one-way and GitHub | ✔️ | ✔️ | ✔️ |
Access the following pages in the Cobalt app: Assets, Insights, People, Credits, Integrations, and Settings | ➖ | ✔️ | ✔️ |
Create assets and pentests | ➖ | ✔️ | ✔️ |
View all users and pentest collaborators within an organization | ➖ | ✔️ | ✔️ |
Manage integrations for an organization, including webhooks | ➖ | ✔️ | ✔️ |
View and edit general organization settings (logo, name) | ➖ | ✔️ | ✔️ |
Manage users for an organization | ➖ | ➖ | ✔️ |
View the email addresses of users on the People page | ➖ | ➖ | ✔️ |
Manage identity and access settings for an organization: two-factor authentication and SAML SSO | ➖ | ➖ | ✔️ |
Enable co-branded reports (for partners) | ➖ | ➖ | ✔️ |
Last modified January.01.2023