User accounts and permissions

Before AppScan® Source users can begin to scan or triage results, an administrator must create user accounts and assign permissions to the accounts.

Important: This topic applies only if you have upgraded to AppScan Source version 10.0.2 or higher from a 10.0.1 or earlier version of the product. New installations of AppScan Source version 10.0.2 do not have this functionality; all user administration of new AppScan Source installations occurs in AppScan Enterprise.

AppScan Source user permissions are stored in the AppScan Source Database and applied when a user is logged in to the AppScan Enterprise Server. Users that run AppScan Source for Development in local mode have full AppScan Source permissions.

When you create a user, you establish a role for that user and identify the permissions available for that user. Permissions identify the allowable AppScan Source tasks for that user. Tasks not specifically identified as part of a permission are available to all users.

Note: You cannot modify a user ID. You must delete the user account and recreate the user with the same user ID.
Permission Group Permission
Application and Project Management Register (Register and unregister applications and projects)
Scan
View Registered
Manage Attributes
Apply Attributes
Assessment Management Delete Published Assessments
Save Assessments
Publish Assessments
View Published Assessments
Knowledgebase Management Manage Custom Rules
Manage Patterns
Administration Manage Users
Manage AppScan Enterprise Settings
Filter Management Manage Shared Filters
Scan Configurations Manage Shared Configurations (sharing scan configurations and editing/deleting shared scan configurations)