User and Group Management

hexiosec asm provides two levels of user management, organisation roles and group roles organisation roles what a user can do within your organisation group roles what a user can do within a specific scan group see organisation and group roles for more information on the roles available adding new people to your organisation as an organisation owner or admin you can add a new person to your organisation via the organisation settings menu and 'invites' item, which can be found in the top right menu or at the top of the organisation scans page when you invite the new person, you will need to assign them an organisation role and you can add them to scan groups with the permissions then need for that scan group this can also be done by the owner or an admin after they have accepted the invite they will only be able to see the scans in the scan groups that they are added to it is a good idea to add them to a scan group as part of the invite, this allows them access to the scans as soon as they accept their invite you also have the option of creating a new group to add them to, you will automatically be added as the administrator of that group it is recommended that multi factor authentication (mfa) is used by everyone in your organisation, there is guidance is available for mfa and session expiry this can be set up by the person after they have accepted the invite managing organisation and group roles if you would like to manage organisation and group roles for everyone in your organisation, this can be done from the users page for an organisation on the users page you can search for people and manage their organisation role (the edit icon), or the groups they can access (the people icon) they can also be deleted from the organisation if they no longer need access it's a good idea to periodically review who has access in case people have changed roles or left the organisation and need to be removed when managing the groups a person is a member of, you will be presented with a new window where groups can be added or removed, and group permissions amended managing group roles groups roles can be managed from the settings (the cog icon) for a specific scan group scan group name with the cog on the right hand side showing settings option the scan group can be renamed here, or deleted the link on the edit group page will take you to the users page described in the section above, where you can manage the groups roles for each person when creating a new group within hexiosec asm , you will need to use the users management page to add users to that group before they can see it you will be automatically added as an administrator managing groups for multiple people this can be done from an organisation's users page use the checkboxes to select the people you would like to add or remove from a group at the top of the page you will then be able to select to edit them to 'manage groups' to be able to add or remove multiple people from groups, they must either, all not be in the group (for adding), or all be in the group (for removing) if you need to give some people separate permissions, such as one person being an admin for the group, then they will need to be added to that group individually