YesWeHack

Assign Roles and Permissions to your team members

The YesWeHack platform enables you to set different roles &amp; permissions for your collaborators. We provide a very granular approach to align with your internal organisation and structure.

___________________________________________________________

The YesWeHack platform revolves around 3 main objects for roles and permissions:

Business Units: this is the highest layer of the platform, associated to the organisation level. From the Business Unit layer, you are able to access all programs &amp; vulnerability reports.

Programs: this is the layer associated to specific testing campaigns (e.g., a Bug Bounty program, a pentest campaign, a VDP, etc.). From the program layer, you are able to access the program and all vulnerability reports of this program. You cannot access other programs, or other programs' reports.

Vulnerability reports: this is the lowest access layer of the platform, it is associated to a specific vulnerability report. From the report layer, you are only able to access the vulnerability report. You have cannot view other reports, the program, nor the organisation.

- Business Units: this is the highest layer of the platform, associated to the organisation level. From the Business Unit layer, you are able to access all programs &amp; vulnerability reports.
- Programs: this is the layer associated to specific testing campaigns (e.g., a Bug Bounty program, a pentest campaign, a VDP, etc.). From the program layer, you are able to access the program and all vulnerability reports of this program. You cannot access other programs, or other programs' reports.
- Vulnerability reports: this is the lowest access layer of the platform, it is associated to a specific vulnerability report. From the report layer, you are only able to access the vulnerability report. You have cannot view other reports, the program, nor the organisation.

The roles &amp; permissions that can be assigned to your collaborators give different access rights for these 3 categories.

ℹ️ Learn more about how to invite new team members <a href="https://helpcenter.yeswehack.io/en/articles/376513-invite-your-team-on-yeswehack">here</a>.

The permissions of each role are detailed in the table below.

ℹ️ VDPs and a Featured VDPs are both considered as programs. However, in the case of a VDP, the program manager cannot interact with the person who reported the vulnerability.

- A “Business Unit Manager” is the role with the most privileges on the platform. These are exactly the same as the Business Unit Owner (the one who created the company) and can be used as a back-up.

- A “Business Unit Surface manager” manages assets and reports only related to the Attack Surface product.

- A "Program Analyst" has access to closed reports (e.g. 'Resolved') for knowledge sharing and post-analysis.

- A “Report viewer” can view a specific report without editing it. It is usually used to share information to a key stakeholder on an individual vulnerability.

An item: Business Unit, Program or Vulnerability Report

An access: Manager, Viewer, Auditor, etc.

- A person
- An item: Business Unit, Program or Vulnerability Report
- An access: Manager, Viewer, Auditor, etc.

A person can have multiple roles, but they cannot be combined on the same item.

A Program Manager cannot be invited as a Program Viewer on the same program

A member can be both a Hunter and a Pentester on different programs

- A Program Manager cannot be invited as a Program Viewer on the same program
- A member can be both a Hunter and a Pentester on different programs

Learn more about the different platform roles and their access rights

Roles & permissions

Create a custom design with text, images, and links

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Roles & permissions

Assign Roles and Permissions to your team members

Main roles and accesses

Team members roles

Security Researchers Roles

Multiple role assignment