User Permissions

User Permissions

✓* : Only shows data related to the projects that the team lead or developer is assigned to.

✓**: Users with pentester roles can view and take actions only on vulnerabilities they added or imported to Kondukto in projects where they have been assigned as a pentester.


Action
Admin
Team Lead
Developer
    Pentester
View Dashboard

✓*
✓*

View Projects

✓*
✓*
✓**
Add Projects




Edit Projects

✓*


Delete Projects

✓*


Scan Projects

✓*


View Files in Projects

✓*


Upload / Download Files To / From Projects

✓*


View Images in Projects
✓*
✓*

Add Products




Edit Products




Delete Products




View Products



Add Endpoints

✓*


View Endpoints

✓*
✓*

View Vulnerabilities

✓*
✓*
✓**
View Duplicate Vulnerabilities
✓*


Add Screenshots to Vulnerabilities
✓*

✓**
Assign Endpoints to Vulnerabilities
✓*


Manually Import Vulnerabilities

✓*

✓**
Close Manually Imported Vulnerabilities
✓*


Assign Issues

✓*


Mark as False Positive

✓*


Mark as Won't Fix

✓*


Change Severity 




Leave Comments 



View Comments 
✓*
✓*

Request False Positive 


✓*

View SBOM
✓*
✓*

Add SBOM
✓*


Delete SBOM



View Users

✓*


Add Users

✓ (Only Developer)


Edit Users

✓ (Only Developer)


Delete Users




View Teams

✓*


Add Teams




Edit Teams

✓*


Delete Teams




Create / Download Reports




Enter Remediation Advice




Add Labels




Edit Labels




Delete Labels




View ASVS
✓*
✓*

View Logs




View Committer Benchmark

✓*


View Settings




Add Integrations




Edit Integrations




Delete Integrations






    • Related Articles

    • How does the shadow user feature work?

      Shadow users can be used for vulnerabilities both manually imported to Kondukto or automatically fetched from scanners. When Kondukto assigns issues to relevant people on issue managers, Kondukto checks for the status of the assignee on Kondukto and ...
    • What happens when an issue is assigned to a Kondukto user that is not an active user on the issue manager?

      For Kondukto to match users on Kondukto and issue manager, the same email address needs to be used on both platforms. When you try to create an issue on your issue manager that will be assigned to a Kondukto user that does not exist on your issue ...
    • Which user will be assigned an issue when multiple options are selected?

      Certain users can be assigned as issue responsible within the teams. When a team is assigned to a project, the issues are automatically assigned to this issue responsible based on the issue assignment criteria entered on the platform. If the ...
    • Adding/Editing Users

      There are 2 ways to add users to the platform. First is the quick way to do it by fetching users from SSO tools under Integrations. Users to be fetched to Kondukto can be quickly created along with their roles. When adding a new user manually, a ...
    • Users

      In the users view, users can be added, edited and deleted. For users to log in to the platform, to be assigned issues on issue managers or to receive periodic reports, the users must be created in the platform. Users can be single-handedly added one ...