Descriptions of user roles and permissions at the pentest and organization level.
Every user with access to Cobalt will be assigned a role. Each role has a defined set of permissions.
Roles can be set at an organization level (member or owner) and pentest level (team member).
Organization Level Roles:
- Owners: think of this as the highest level of access. Owners have full access to the organization and its assets and pentests.
- Members: have access to the organization and its assets and pentests. Members cannot manage organization users or the organization's identity & access preferences.
Pentest Level Roles:
- Team Members: can collaborate on specific pentests, but cannot manage organization users or the organization's settings.

| Permission | Team Member (Pentest Level) | Member (Organization Level) | Owner (Organization Level) |
|---|---|---|---|
| View asset & pentest details | x | x | x |
| Edit pentest details | x | x | x |
| View & export pentest findings | x | x | x |
| View pentest activity updates | x | x | x |
| Comment on pentest findings | x | x | x |
| Update status of pentest findings | x | x | x |
| Create new label(s) & apply label(s) to pentest findings | x | x | x |
| Invite other team members to pentest | x | x | x |
| Assign pentest findings | x | x | x |
| Manage pentest findings custom references | x | x | x |
| Remove other team members from pentest | x | x | x |
| Manage pentest Jira 1-way/GitHub integrations | x | x | x |
| View all users within the organization | | x | x |
| Manage organization's general settings (logo, name) | | x | x |
| View organization's credit balance | | x | x |
| View & export pentest insights | | x | x |
| Invite users to organization | | | x |
| Remove users from organization | | | x |
| Manage organization's identity & access preferences | | | x |
| Manage organization's integrations | | | x |

Certain permissions depend on the organization's tier. Explore what’s included in each tier.