Package: Invicti AppSec Core (on-demand), Invicti AppSec Enterprise (on-premise, on-demand)
Roles overview
Roles define what actions users can perform in Invicti AppSec. Each user is assigned a role, which determines their level of access across the platform. Invicti AppSec provides six built-in roles, and Enterprise users can customize permissions and create custom roles.
Invicti AppSec Core includes the same six built-in roles with fixed permissions. Core users can't view the Roles page, amend role permissions, or create custom roles.
Built-in roles
| Role | Description |
|---|---|
| Admin | Full system access with all permissions. |
| Manager | Manages business units and products. Has view-only access to associated projects. |
| Product Owner | Responsible for products. Has read-only access to project dashboards, vulnerabilities, and SBOM. |
| Team Lead | Oversees projects assigned to their team. Can access products if at least one project their team manages is within that product. |
| Developer | View-only access to projects assigned to their team. Can submit suppression requests (false positive, risk accepted) but cannot approve them. |
| Pentester | Limited access focused on importing vulnerabilities into projects. |
Built-in roles cannot be deleted. Their permissions can be amended, but you can always reset them to default.
Custom roles
You can create custom roles that inherit permissions from a built-in parent role. Custom roles allow you to tailor access by removing specific permissions from the parent role's baseline. For more information, see Add custom role.
Permission categories
Permissions are organized across the following categories:
- Global dashboard: access to the main dashboard
- Products: read, add, write, delete, and user management
- Projects: CRUD operations, dashboard, settings, and file management
- Scans: read, write, delete, and view completed/failed scans
- Vulnerabilities: read, add, write, export, and screenshot management
- SBOM: component viewing and export
- Users & teams: user management, role assignment, team administration
- Automation: setup and workflow configuration
- Integrations: read, write, delete, and ALM tool access
- Suppressions: false positive and risk acceptance request handling
To view the roles list, select Users and teams > Roles from the left side menu.