Note: This section describes the new interface. For information about the classic interface, see Users (Classic Interface). For information about navigating the new interface, see Navigate (New Interface).

User accounts enable you to provide access to and manage permissions for resources. Only administrators can create and manage user accounts.

To access the Users page, click Settings in the left navigation plane, then click the Users widget.

The Users page displays a table of all user accounts. This documentation refers to that table as the users table.

Each row of the users table includes the user name, the dates of the last login and last failed login attempt, the total number of failed attempts, and the role assigned to the account.

To control a user's permissions in, you can assign roles to user accounts. The following table briefly describes the available user roles and related permissions. For detailed permissions information, see User Role Permissions.

Name Description


Can only manage their user profile and view scan results, including dashboards.

Scan Operator Can create and run scans, but may only use existing scan user-defined templates that were created by a standard user or higher. They can also analyze scan results and create user target groups.


In addition to scan operator privileges, can view user-defined templates that were created by a scan manager user or higher.

Scan Manager

In addition to standard user privileges, can configure scan settings and create, configure, use, and delete user-defined templates. They can also manage scanners, agents, and exclusions.


Has all permissions, is responsible for setting up the account, and knows the organization's architecture. They can create groups to organize different business units, and add and manage users on the account.

Note: You can disable a user account to prevent a user from accessing . When you disable a user account, retains the user role assigned to that user.

You can change the role of a user account at any time, as well as disable the account.

For more information, see: