Permissions in Fortify Software Security Center
The permissions designated by your user role in Fortify Software Security Center determine the types of tasks that you can perform on ScanCentral DAST scans, sensors, sensor pools, settings, scan schedules, and global features such as deny windows and base settings. The following table describes the predefined roles in Fortify Software Security Center that allow dynamic-related tasks.
| ScanCentral DAST Tasks | Application Security Tester | Developer | Manager | Security Lead | View-only |
|---|---|---|---|---|---|
| Manage pools and sensors | x | x | |||
| View data | x | x | x | x | x |
| Create, run, change, and delete scans, schedules, and settings | x | x | |||
|
Run scans from existing templates and base settings |
x | x | x | ||
| Download artifacts (settings, scans, and logs) | x | x | x |
|
|
| Manage deny intervals, application priority level, and retention policy | x | ||||
| Manage global restrictions, restricted scan settings, and private data settings | x | ||||
| Manage key stores and artifacts repositories | x |
For information about creating custom user roles, see the OpenTextâ„¢ Fortify Software Security Center User Guide.
Tasks requiring Universal access permissions
The following ScanCentral DAST tasks require Universal access permissions in Fortify Software Security Center:
-
Creating and maintaining custom policies
-
Creating and maintaining base settings
-
Force deleting scans from the ScanCentral DAST database
-
Managing Fortify Connect settings