Scan Permissions

Our service gives users Role-Based Access Control. Users are granted access to WAS features and functions based on Roles. These Roles are a consolidation of fine grained Permissions. Managers have full rights and can configure roles and permissions using the Administration utility.

How to find Roles

Within the Administration utility, you'll find roles and their related permissions in the Role Management section. For example the WAS Scanner role defines permissions for a Scanner user with permissions to the WAS module.

Tell me about WAS Scan Permissions

Several permissions groups are available for the WAS module including 3 groups for WAS scanning.

(1) WAS Scan Permissions

Permissions to Launch, Cancel, Delete WAS Scan. These permissions are specifically for running scans against declared Web Applications. These permissions are not specific to an area in the user interface, but relate only to the general action of launching, stopping, or deleting scans, as might be available in various places of the user interface.

(2) WAS Schedule Permissions

Permissions to Create, Edit, Delete WAS Schedule. These permissions are specifically for scheduling scans against declared Web Applications. These permissions are not specific to an area in the user interface but relate to the general action of scan scheduling.

(3) Scanner Appliance Permissions

Permission to Edit Scanner Appliance. The TotalAppSec view of the Scanner Appliances allows for configuration of the Tags that are associated with the Appliance.

Still have questions?

How do I see a user's assigned roles and permissions? Go to the Administration utility and view/edit the user of interest.

Who has permissions to view scan results? Users who have permission to view a web application also have permission to view scan results for that web application. Learn more

Do you have Express Lite? If yes, you and other users in your subscription have full permissions. You will not need to customize permissions.