HackenProof Docs
  • Welcome
    • HackenProof
      • Services we provide
      • Our resources
    • Integrations
      • Slack
      • Discord
      • Telegram
      • Zapier (Webhook)
        • Zapier -> Lark
        • Zapier -> Linear
        • Zapier -> Jira Service Management
        • Zapier -> PagerDuty
        • Zapier -> Google Chat
        • Zapier -> ClickUp
      • Jira Software
      • GitHub Issue
      • GitLab Issue
      • VDP iFrame
    • FAQ
      • Audit & Bug Bounty (BB)
      • Crowdsourced Audit & BB
      • Penetration testing & BB
    • Emergency
      • Reset 2FA
    • Code of Conduct
    • Referral Program
  • Bug Bounty
    • Bug Bounty process
    • How to start Bug Bounty
    • How to create a VDP
    • Vulnerability classification
      • Web & Mobile
        • Out-of-Scope Bugs
      • Smart contracts
      • Blockchain protocols
    • Reports Basics
      • Points Guide
      • Crafting a well-readable report
  • Dashboard
    • Company dashboard
      • Manage programs
      • Manage reports
      • Share report
      • Labels
      • E2E report encryption
      • Reports decrypting with Mailvelope
      • Users and roles
      • Program/Report Assignee
      • Replenish your balance
      • Integrations
    • Hacker dashboard
      • 👉How to start
      • Submit a report
      • Reports Basics
      • Vulnerability classification
      • 👮‍♂️KYC
      • Сreate a crypto wallet
      • 💸Withdraw bounty
      • Hacker Leaderboard
      • Reset 2FA
      • 🍕HackenProof community
      • Report ID
      • Private Program
      • Contact support
    • Company-Auditor dashboard
      • How to start
      • Add members
      • Submit report
      • Contact support
  • Crowdsourced audit
    • Audit process
    • How to start Audit
    • Supported tech
    • Vulnerability classification
    • Reports Basics
    • Qualified Auditors
    • Judging / Triaging
      • Targets
      • Team
    • Fee & Payments
  • DualDefense Audit
    • What is DualDefence Audit
    • How DualDefence Audit goes
    • DualDefence Audit — researchers' perspective
  • good to know
    • Changelog
    • Branding
    • Vulnerability Disclosure
  • Education
    • Courses
    • Tools
    • Useful sources
Powered by GitBook
On this page
  • Company users and their roles
  • Add Company Manager, Admin
  • Add Program Manager, Triager or Viewer
  • User roles and their permission
  • How Company Admin and Manager see account
  • How Program Triager and Manager see company account
  • How Viewers see account
  1. Dashboard
  2. Company dashboard

Users and roles

Company users and their roles

PreviousReports decrypting with MailvelopeNextProgram/Report Assignee

Last updated 10 months ago

Company users and their roles

HackenProof allows companies to create as many programs as they need. At the same time, a company can set up different roles and access.

Each company can have users with the following roles:

  • Company Admin - will see all programs and reports

  • Company Manager - will see all programs and reports

  • Program Manager - will see ONLY a specific program and its reports

  • Program Triager - will see ONLY a specific program and its reports

  • Report Viewer - doesn't have access to the company account at all! Viewers can see ONLY a report that was shared with them and only in their personal account

The diagram shows that the Program Manager and Program Triager will only have access to the specific programs they were added to.

Add Company Manager, Admin

To add a Company Manager, Admin:

  • please navigate to the users and roles menu

  • add a person with an appropriate role

Add Program Manager, Triager or Viewer

To add a Program Manager, Triager or Viewer:

  • please navigate to the correspondent program

  • open the Program Team tab

  • add a person with an appropriate role

User roles and their permission

Company Admin

Company manager

Program manager

Program

Triager

View Company Dashboard

yes

yes

yes

yes

View Company analytics

yes

yes

no

no

Users and roles in Company

yes

yes

no

no

View Company payments

yes

yes

no

no

View&Edit company profile

yes

yes

no

no

Company Level View

yes

yes

yes

no

View all bounty programs

yes

yes

only a specific program

only a specific program

Create new program

yes

yes

no

no

Edit program settings and profile

yes

yes

yes, only in a specific program

no

Delete program

yes

yes

no

no

View reports of the program

yes

yes

yes, only in a specific program

yes, only in a specific program

Set reports statuses

yes

yes

yes, only in a specific program

yes, only in a specific program

Assign reports

yes

yes

yes, only in a specific program

yes, only in a specific program

Comment on reports

yes

yes

yes, only in a specific program

yes, only in a specific program

Message Researcher

yes

yes

yes, only in a specific program

yes, only in a specific program

Reward report authors

yes

yes

yes, only in a specific program

yes, only in a specific program

View and export reports

yes

yes

yes, only in a specific program

no

Invite Members to the Program

yes

yes

yes, only in a specific program

only other triagers

Assign Triager

yes

yes

yes, only in a specific program

yes

Assign admin

yes

no

no

no

Assign owners

yes

no

no

no

Invite new admin or manager to a Company

yes

no

no

no

How Company Admin and Manager see account

How Program Triager and Manager see company account

How Viewers see account

The viewer doesn't have access to the company account at all! Viewers can see ONLY a report that was shared with them and only in their personal account

After you shared a specific report with the viewer, they can find it ONLY in their personal hacker account:

When Viewer opens the shared report, they will see the following data:

How Company Admin and Manager see account
Viewer personal account = Hacker account