VulnProScan by Dynamgenix IT Corp

Role-based access control

VulnProScan applies least privilege: users only receive the permissions needed for their job. High-impact actions use separation of duties so a single account cannot both request sensitive authorization and launch privileged real-world testing — a deliberate, server-enforced security control.

Security principles

These controls apply across all authenticated workflows — scans, pen tests, exports, and organization management.

Team workspace access (Business & Enterprise)

Business and Enterprise plans add invite-based team workspaces with three scoped roles: Owner, Admin, and Member. Permissions are enforced server-side — a Member cannot escalate to Admin by manipulating the UI or API. Shared scans are only visible within the workspace they were shared to; personal scans remain private to the user who ran them.

  • Owner — full workspace control: invite, assign roles, remove members, delete workspace.
  • Admin — member management and full access to shared scans and reports.
  • Member — run scans, view shared results; no access to member management.
  • Scan sharing is opt-in at launch time — scans not shared remain private by default.
  • Team capacity limits (Business: 10 users) are enforced at the API layer, not just the UI.

Authenticated access

Product features require sign-in. The platform does not expose privileged workflows to anonymous visitors. Sessions use secure cookies; after administrators change role allowlists in server configuration, affected users must sign out and sign in again so their role syncs from the database.

Permissions, not ad-hoc checks

Authorization is evaluated as permissions (e.g. request a launch code, validate a code, launch a real test, read audit exports) granted to roles. API routes always re-check permissions server-side — the UI never replaces backend enforcement.

  • Default deny — if a permission is not explicitly granted to your role, the action is blocked.
  • Horizontal scope — you can only access data for your organization (and approved targets); the server and execution service enforce this.
  • No silent bypass — if privileged services or role mappings are not configured, flows fail safely with a clear message.

Verified scan targets

Before running any scan or pen test, the target hostname must be registered and ownership verified by your organization. Verification is done via a DNS TXT record or a file placed on the target server. Scans against unverified domains are blocked at the API layer.

Separation of duties

High-impact actions use a two-person control: a Security Operator generates a one-time authorization code, and a Pen Test Admin uses that code to launch the real pen test. A single account cannot perform both steps — this is enforced server-side and cannot be bypassed through the UI.

Targets and exports

Real penetration tests may only run against registered targets that meet approval rules. Exports and sensitive artifacts require appropriate entitlements and server-side checks — other organizations' data is never returned because of UI hiding alone.

Roles

VulnProScan has two distinct role systems: team workspace roles (Business & Enterprise) and penetration test roles. Administrative pen test role assignment uses server configuration — never put privileged emails in client-side configuration.

Team workspace roles

TEAM OWNER

Creates and manages the team workspace. Can invite members, assign Admin or Member roles, remove members, and view all shared scans and reports across the workspace. Available on Business and Enterprise plans.

TEAM ADMIN

Can manage team members (invite, role changes, removal) and access all shared scans and reports in the workspace. Cannot delete the team or transfer ownership — those actions are reserved for the Owner.

TEAM MEMBER

Can run scans, view shared scan history, and access shared reports within the team workspace. Cannot manage other members or change team settings. Scans may optionally be shared with the team at launch time.

Penetration test roles

USER

Standard access: eligible plans, organization-scoped scans, findings, and reports you are entitled to. Cannot request authorization codes or launch real penetration tests in the privileged workflow.

SECURITY_OPERATOR

May request one-time authorization codes and validate codes (dry run) when preparing a launch. Cannot launch real penetration tests — that is reserved for Pen Test Admins (separation of duties).

PEN_TEST_ADMIN

May validate codes and launch real penetration tests against registered, approved targets in your organization. Cannot request new authorization codes — those must come from a Security Operator. May access audit exports where enabled.

ORG_ADMIN / OWNER (Roadmap)

Roadmap: broader organization management (members, targets, settings) may be introduced as a separate role without granting penetration test launch rights by default.
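
The permission model and two-person launch control described above, as an added Python example that is not VulnProScan's own code. The permission names, the LaunchService class and the binding of each code to its requester's account are assumptions made for illustration.

```python
import secrets

# Permission names are hypothetical; the grants mirror the role descriptions above.
GRANTS = {
    "USER": frozenset(),
    "SECURITY_OPERATOR": frozenset({"code:request", "code:validate"}),
    "PEN_TEST_ADMIN": frozenset({"code:validate", "test:launch", "audit:export"}),
}

class Denied(Exception):
    """Raised whenever a server-side check fails."""

def require(user, permission):
    # Default deny: an unknown role or an ungranted permission both fail.
    if permission not in GRANTS.get(user["role"], frozenset()):
        raise Denied(f"{user['email']} lacks {permission}")

class LaunchService:
    def __init__(self, approved_targets):
        self.approved = approved_targets  # org -> set of verified hostnames
        self.codes = {}                   # code -> (org, target, requester email)

    def _check_target(self, user, target):
        # Horizontal scope: only this organization's approved targets.
        if target not in self.approved.get(user["org"], set()):
            raise Denied("target not approved for this organization")

    def request_code(self, user, target):
        require(user, "code:request")
        self._check_target(user, target)
        code = secrets.token_urlsafe(16)
        self.codes[code] = (user["org"], target, user["email"])
        return code

    def launch(self, user, target, code):
        require(user, "test:launch")
        self._check_target(user, target)
        entry = self.codes.get(code)
        if entry is None or entry[:2] != (user["org"], target):
            raise Denied("invalid authorization code")
        if entry[2] == user["email"]:
            # Holds even if the requester's role changed after the request.
            raise Denied("code requester cannot launch")
        del self.codes[code]  # one-time use
        return f"launched:{target}"
```

Recording the requester on the code keeps the two-person rule intact when an account is moved from SECURITY_OPERATOR to PEN_TEST_ADMIN between the request and the launch, a case the role table alone does not cover.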
