With Shared Items, you can easily manage your pentesting and vulnerability assessment workflow with your team. This feature allows you to:
- See a complete list of team members, granted permissions, wordlists, and other resources that will give you an overview of the whole process
- Give differentiated access to workspaces among sub-users. You can select Read-only / Full access for your collaborators.
- You can also change the access to other resources to No access / View / Edit.
In the following article, you will find out:
- Manage rights between your sub-users
- Edit shared Workspaces
- Change between Workspaces
- Collaborate on workspaces with a VPN Profile
- Track Actions Log for Findings
- Deal with possible errors
1. How to manage rights between your sub-users
As the account owner, on the /Workspaces tab under Settings, you will see all your Workspaces, both created by you, as well as the ones you have shared access to from other users in your account.
If you click on the “Shared Workspace” button, you can view and edit the access to the selected Workspace to one or more sub-users. They can have the following permissions:
|Read Anything||Edit Scans, Findings, Targets||Modify Findings and Add Manual Findings||Start Scans||Export Reports|
Here you can also see the team members you shared the workspace with, by hovering above the arrow icon:
This is what the Workspaces page looks like from another team member’s account. As you can see, they have an overview of all their workspaces, both the ones they created and the ones shared with them. They can’t see a team member’s Workspace if the Workspace owner didn’t give them any access to it.
To see the changes take place, you need to refresh the page.
If you want to edit the permissions of one or more users, click on the “Shared Items” button or the “Edit sharing” Action.
If you want to delete all rights to one or more users, select the option “No access” to the Workspaces you want to remove the access to.
Note: Deleting the rights to a Workspace/Resource does not delete the user.
2. How to edit your Workspaces
Edit: You can edit all the workspaces you created or you were given Full Access to, except for “My Workspace”.
You can do this by clicking on the “Edit workspace” button under Actions.
Delete: You can delete all the workspaces under your ownership, except for “My Workspace”. You can’t delete other users’ Workspaces.
You can do this by clicking on the “Delete workspace” button under Actions.
Manage permissions: You can manage permissions to all the workspaces under your ownership.
You can do this by clicking on the “Manage permissions” button.
Recommendation: Don’t use the default workspaces “My Workspace” as Shared Workspaces, as you can’t edit them and they can easily create confusion for other users.
3. How to switch between Workspaces
You can change the current workspace from the dropdown menu pinned in the top left corner of the page. All the scans you perform and the generated findings will belong to this workspace.
Keep this in mind when creating reports, as you will be unable to create reports with findings originating in different workspaces.
You can, however, move targets (and their associated findings) between workspaces.
4. How to collaborate on Workspaces with a VPN Profile
Providing access to a Workspace doesn’t automatically give the user access to the VPN Profile.
To find out more about scanning internal networks using the VPN Agent, please refer to our support article.
5. How to track Actions Log for Findings
In the /Findings tab, you will be able to see the changes each user made for a finding by clicking the “Finding history” button under Actions.
This way you can keep track of changes your team members and yourself made.
6. Possible Errors
- All Workspaces selected but not editable. If you select all Workspaces and then select “Share workspace”, but you have access to other team members’ Workspaces, you won’t be able to successfully do this action. You can’t manage permissions to Workspaces you are not the owner of.
- Invalid Workspace name. You can’t add special characters to your Workspace’s name.