User Permission Matrix

Action	Admin	Manager	Team Lead	Developer	Pentester
View Organizational Dashboard	✓	✓+	✓*	✓*
View Projects	✓		✓*	✓*	✓**
Add Projects	✓		✓
Edit Projects	✓		✓*
Delete Projects	✓		✓*
Scan Projects	✓		✓*
View Files in Projects	✓		✓*
Import Files to Projects	✓		✓*
View Images in Projects	✓		✓*	✓*
Add Products	✓
Edit Products	✓
Delete Products	✓
View Products	✓	✓+
Add/Remove Business Units to Products	✓	✓	✓
Add Endpoints	✓		✓*
View Endpoints	✓		✓*	✓*
View Vulnerabilities	✓	✓+	✓*	✓*	✓**
View Duplicate Vulnerabilities	✓	✓+	✓*
Add Screenshots to Vulnerabilities	✓		✓*		✓**
Assign Endpoints to Vulnerabilities	✓		✓*
Manually Import Vulnerabilities	✓		✓*		✓**
Close Manually Imported Vulnerabilities	✓		✓*
Assign Issues	✓		✓*
Mark as False Positive	✓		✓*
Mark as Won't Fix	✓		✓*
Change Severity	✓
Leave Comments	✓
View Comments	✓	✓+	✓*	✓*
Request False Positive	✓			✓*
View SBOM	✓	✓+	✓*	✓*
Add SBOM	✓		✓*
Delete SBOM	✓
View Users	✓		✓*
Add Users	✓		✓***
Edit Users	✓		✓***
Delete Users	✓
View Teams	✓		✓*
Add Teams	✓		✓
Edit Teams	✓		✓*
Delete Teams	✓
Create / Download Reports	✓
Enter Remediation Advice	✓
Add Labels	✓
Edit Labels	✓
Delete Labels	✓
View ASVS	✓		✓*	✓*
View Logs	✓
View Committer Benchmark	✓	✓+	✓*
View Settings	✓
Add Integrations	✓
Edit Integrations	✓
Delete Integrations	✓

📘
✓*: Only shows data related to the team lead or developer's projects.
✓** : Users with pentester roles can view and take actions only on vulnerabilities they added or imported to Kondukto in projects where they have been assigned as a pentester.
✓***: Team leads can only add developers.
✓+: Only shows data related to "Business Unit(s)" that "Manager" users have access to.