Breadcrumbs

Manage access levels in the Mend AppSec Platform

Overview

This documentation focuses on role-based access management within the Mend Platform. It provides specialized guidance tailored to the System Admin role, ensuring effective access levels control, security, and compliance within the platform.

  • Who is Moderating User Permissions?

    • As a System Admin in the Mend Platform, your role is pivotal in ensuring secure and efficient user access management, including users/groups/roles management and account administration. This documentation series explores the technical aspects of managing access levels within the Mend Platform.

  • Why is Moderating User Access Permissions Important, and What Problem(s) Does It Solve?

    • Efficient user access management is crucial for platform security, operational efficiency, and compliance. Admins play a key role in solving critical technical problems related to access control, ensuring that users have the right access to the right resources.

  • What Value Does the Mend Platform Bring to Moderating User Permissions?

    • The Mend Platform empowers Admins with technical capabilities to enhance security, streamline access management, and seamlessly integrate the platform with external systems, including SAML/SSO for advanced technical authentication.

Use cases for managing your users' access

  1. Role-Based Access: Assigning specific roles to users based on their responsibilities and needs. For example, giving developers access to repositories while granting AppSec-Managers access to security findings and reports.

  2. Onboarding New Team Members: When a new team member joins, efficiently onboarding them by configuring their access permissions, setting up their accounts, and providing the necessary credentials.

  3. User Offboarding: When team members leave or transition roles, ensuring that their access is promptly revoked or modified to prevent unauthorized access.

  4. Fine-Grained Access Control: Implementing granular access controls to restrict or grant access to specific features, reports, or integrations based on user requirements.

  5. Security Compliance: Enforcing access controls to comply with security regulations, ensuring that sensitive data and functionalities are only accessible to authorized personnel.

  6. Integration Management: Configuring and maintaining integrations with external systems, including Single Sign-On (SSO) and SAML, to streamline user authentication and access.

  7. User Group Creation: Creating user groups to simplify access management for specific projects, departments, or teams.

Getting it done