Team Management
Team Management in AttackLens allows you to control who has access to the platform and what they can do. Through users and roles, you can enforce the principle of least privilege, ensuring each team member has exactly the access they need -- no more, no less.
Key Concepts
Users
A user is an individual account that can sign in to AttackLens. Each user has:
- Name: The user's display name, shown throughout the platform.
- Email: The unique identifier used for login. Each email can only be associated with one account.
- Role: Determines what the user can see and do in AttackLens.
- Status: Active or Disabled. Disabled users cannot sign in.
Roles
AttackLens uses role-based access control (RBAC) with four hierarchical roles:
| Role | Scope |
|---|---|
| Viewer | Read-only access to security data. |
| Posture Manager | Manage assets, policies, rulesets, and sensors. |
| Admin | Configure adapters, integrations, settings, and view audit logs. |
| Super Admin | Full access including user management and SSO configuration. |
Each role inherits all permissions from the roles below it. See Understand Roles and Permissions for a detailed permission matrix.
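The inheritance rule can be modelled in a few lines to work out which role is the lowest one that covers a given set of tasks. This is an added example, not AttackLens code: the permission strings are hypothetical labels derived from the Scope column above, and treating a Disabled account as denied everywhere is an assumption based on the statement that disabled users cannot sign in.

```python
from dataclasses import dataclass

# Roles in ascending order of privilege, as listed in the table above.
ROLE_ORDER = ["Viewer", "Posture Manager", "Admin", "Super Admin"]

# What each role adds on top of the roles below it. These strings are
# hypothetical labels taken from the Scope column, not AttackLens identifiers.
ROLE_GRANTS = {
    "Viewer": {"security_data:read"},
    "Posture Manager": {"assets:manage", "policies:manage",
                        "rulesets:manage", "sensors:manage"},
    "Admin": {"adapters:configure", "integrations:configure",
              "settings:configure", "audit_logs:view"},
    "Super Admin": {"users:manage", "sso:configure"},
}

@dataclass(frozen=True)
class User:
    name: str
    email: str
    role: str
    active: bool = True  # False models the Disabled status

def effective_permissions(role):
    """Union of the role's own grants and those of every role below it."""
    if role not in ROLE_ORDER:
        raise ValueError(f"unknown role: {role!r}")
    perms = set()
    for lower in ROLE_ORDER[: ROLE_ORDER.index(role) + 1]:
        perms |= ROLE_GRANTS[lower]
    return perms

def is_allowed(user, permission):
    """Deny by default: disabled accounts and unlisted permissions get nothing."""
    if not user.active:  # assumption: Disabled means no access at all
        return False
    return permission in effective_permissions(user.role)

def minimal_role(required):
    """Lowest role whose effective permissions cover everything in `required`."""
    for role in ROLE_ORDER:
        if set(required) <= effective_permissions(role):
            return role
    raise ValueError("no role grants all requested permissions")
```

Calling `minimal_role` with the tasks a new team member actually needs gives the role to assign; anything higher grants access the page's least-privilege goal says to avoid.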
Who Can Manage the Team?
Only users with the Super Admin role can:
- Create new user accounts.
- Edit existing user accounts (name, email, role).
- Disable or delete user accounts.
- Configure SSO/SAML settings.
INFO
Every AttackLens installation starts with a single Super Admin account created during initial setup. This account is used to invite or create additional users.
Authentication Methods
AttackLens supports two authentication methods:
Local Authentication
Users sign in with their email and password. Passwords must meet the following requirements:
- Minimum 8 characters.
- At least one uppercase letter.
- At least one lowercase letter.
- At least one number.
- At least one special character.
SSO / SAML
Organizations can configure SAML 2.0 Single Sign-On to authenticate users through their identity provider (Okta, Azure AD/Entra ID, OneLogin, etc.). When SSO is enabled, users authenticate through the identity provider and are automatically provisioned in AttackLens. See Configure SSO for setup instructions.
Next Steps
- Add a User -- Create a new user account.
- Manage Users -- View, edit, disable, or delete user accounts.
- Understand Roles and Permissions -- Detailed RBAC breakdown with permission matrix.