Admin
Users & roles
This is where you decide who can use ThreatWeaver and what they're allowed to do. You manage the list of people in your workspace, assign each of them a role, and — if you need more than the built-in roles — build your own roles with a precise set of abilities.
What it's for
- Add and manage people — create accounts, set roles, and deactivate or lock accounts when someone leaves or an account looks compromised.
- Assign the right level of access — give each person a role that matches what they need to do, from read-only viewing to full administration.
- Tailor access precisely — create custom roles that grant only the specific abilities a team needs.
The screens in it
User management has three tabs across the top:
- Users — the people in your workspace, with search, filters, and a detail panel for each person.
- Roles — the roles you can assign, including any custom roles you create.
- Permission Matrix — a single grid that shows, at a glance, which abilities each role has.
The Users tab
Controls
| Control | What it does |
|---|---|
| Add User | Opens a dialog to create a new account (see the workflow below). |
| Search | Filters the list by name or email as you type. |
| All Roles | Narrows the list to a single role. |
| All Statuses | Narrows the list to Active, Inactive, or Locked accounts. |
| Column headers | Click a sortable header to sort the list; click again to reverse it. |
| A user row | Click a row to open that person's detail panel inline. |
The user detail panel
Clicking a person expands a panel with their profile on the left and their activity and security on the right.
| Field | What it shows or does |
|---|---|
| Full Name | The person's display name — editable here. |
| Role | The role assigned to the person — change it from the picker. |
| Status | Active, Inactive, or Locked. Set a person inactive to suspend access without deleting the account; locked accounts can't sign in. |
| Two-Factor Auth | Whether the person has set up two-factor authentication. |
| Account Created | When the account was created. |
| Last Login | When the person last signed in, with the address they came from. |
| Failed Login Attempts | Recent failed sign-in attempts — a spike can signal a problem. |
| Reset Password | Sets a new password for the person (available to admins with the right to reset passwords). |
The Roles tab
Roles bundle a set of abilities so you can grant access consistently. ThreatWeaver ships with a set of standard roles — for example a full Administrator, an Analyst who works with findings, a read-only Viewer, a Pentester for offensive-testing work, and a Vendor Admin for external/vendor accounts — and you can create your own.
| Control | What it does |
|---|---|
| Role Name | The name of a new role you're creating (required). |
| Description | A short note explaining what the role is for. |
| Ability checkboxes | Grouped by area (for example User Management, Scans, Reports). Tick the abilities the role should have; tick a group heading to select all abilities in that group. |
| Create Role | Saves the new role so it can be assigned to people. |
| Edit (on a role) | Expands the role so you can rename it, change its description, or adjust its abilities. |
| Delete (on a role) | Removes a custom role after you confirm. |
Throughout ThreatWeaver, access is described in plain terms — "can manage users," "can reset passwords," "can view the audit log" — rather than by a technical code. Build a custom role by picking exactly those abilities.
The Permission Matrix
The Permission Matrix lays every role out as columns and every ability as rows, so you can compare roles side by side and confirm who can do what without opening each role one at a time.
Common workflows
Workflow: add a new person
-
On the Users tab, click Add User.
Step 1 — the Add New User dialog -
Enter the person's Full Name and Email Address, set an initial Password (the requirements checklist turns green as the password qualifies), and choose a Role.
Step 2 — filling in the new user's details and role -
Click Create User. The person appears in the list and can sign in with the details you set.
Workflow: create a custom role
- Open the Roles tab and give the new role a Role Name and an optional Description.
- Tick the abilities the role should have. Use a group heading to grant a whole area at once.
- Click Create Role. It's now available in the role picker for any person.
Workflow: suspend someone's access
- On the Users tab, find the person and open their detail panel.
- Set Status to Inactive (to suspend) or Locked (to block sign-in after a security concern).
- The change takes effect immediately — the person can no longer sign in until you set them back to Active.