Invite User to My Project

Overview

AttackForge lets you invite any person to your project who may need to collaborate with you or the project team; or to provide access to the reports & tracking features.
Only the Project Owner can invite a user to a project and manage their access levels. The Project Owner is the user that created the project. This cannot be changed.
If you are the project owner, you can select Manage Access from your project menu.
This page will show you all the users with access to your project, and their associated access level & project role.
You can update a user's access to your project at any time by clicking on their current access level (in the table) and selecting from any of the options in the drop-down menu.
You can update a user's project role also by clicking on the current role (in the table) and selecting from any of the options in the drop-down menu.
You can also remove access to your project for a user at any time by clicking Delete on the user record in the table (in last column).
You can also click on the menu and select Grant Access to User in order to invite a new person to your project.
Every project has three (3) levels of access control that can be assigned to any user. This controls the user's ability to see vulnerabilities & data from the project within AttackForge, and also how they can interact with that project.

Access Roles

View Access

This is typical privilege assigned to Customers.
    View project-related data in following modules:Dashboard, Analytics (Pro-Perk), Retesting, Schedule, Reporting, Search
    View project dashboard
    View scope
    View test cases
    View retesting history
    Request retest
    View project vulnerabilities, including their remediation notes – except Pending vulnerabilities
    Add remediation notes on vulnerabilities
    Flag vulnerability as Ready for Retesting / Not-Ready for Retesting (Re-Open)
    View attack chains
    Download report in PDF / DOCX / HTML / CSV / JSON / ZIP / ReportGen
    Customise reports (Pro-Perk)
    View daily tracking
    View project team member profiles
    Collaborate in Slack project channel
    Self-Export vulnerabilities to JIRA
    Self-Export vulnerabilities to Slack

Upload Access

This is typical privilege assigned to Developers / Engineers
    Inherits View
    Upload files to the project workspace

Edit Access

This is typical privilege assigned to Pentester / Security Consultant
    Inherits Upload
    Send daily start / stop testing email notifications
    Create / Update / Delete workspace notes & files
    Update test cases, including actioning, adding notes & uploading evidence
    Create / Update / Delete vulnerabilities, including Pending vulnerabilities, upload evidence, close vulnerabilities, & import vulnerabilities (Pro-Perk)
    Create / Update / Delete attack chains
    Notify project team that retest round is completed
    Upload testing logs
    Update executive summary on report
    Place project on-hold / off-hold

Project Owner

This applies to the user which created the project.
    Inherits Edit
    Create / Update / Delete scope
    Update project
    Manage access to project
    Delete project

Who Can I Invite To My Project?

You can invite any person to your project by their email address. Please ensure you have consent from the person before inviting them.
If the user is registered in AttackForge.com - they will receive an email notification informing them you have now invited them to the project and they can access it immediately.
If the user is not registered in AttackForge.com - they will receive an email notification informing them they have been invited to your project, however they first need to complete their registration. Once person has registered their account, they will be able to access your project immediately.

Project Roles

Project Roles can be assigned to any user on the project. The roles do not provide the user with any additional access rights. Privileges on the project are controlled via the Access Roles (see above).
Project Roles are displayed in the Project Tracking / Overview page, so that other team members can see who is on their project and also their role on the project - to help with collaboration and contacting the right person.
Project Roles are also included in the reports, alongside the project team member's name.
Last modified 10mo ago