Manage members | Fluid Attacks Help

Manage members

Members on the Fluid Attacks platform are individuals who have an account that permits them to at least access one organization, which in turn is the representation of a company or enterprise in the platform.

Organization-level members

Organization members can access the the organization's Analytics and Policies sections. Some organization-level member roles allow individuals to give access to new members or configure policies.

To view members at the organization level, navigate to the Members section from the initial screen upon logging into the platform.

Manage members on the Fluid Attacks platform

Group-level members

The members of a group are the users who can access it to visualize information or manage vulnerabilities, security testing scope, tags, etc. Only if you have the Group Manager role, can you addedit or remove users. Access these functions through the Members section within your group.

Manage group members on the Fluid Attacks platform

Inactivity policy

Your organization may define the number of days that shall pass before a member is automatically removed due to inactivity (i.e., their not logging in to the platform nor using their access tokens). Refer to Manage security gates for more information.

Upon entering the Members sections, a banner informs you of your organization's inactivity policy. This message is shown only once daily. Below is an example screenshot.

View inactivity policy on the Fluid Attacks platform

Members table

The tables in the Members sections display the following information:
  • User email: The person's email address
  • Role: The role that the person has in that organization or group
  • First login: The date and time of the member's first login to the organization or group
  • Last activity: The time of the member's most recent login or access token usage
  • Registration status: The person's current registration status:
    • Registered: The person has registered to the platform
    • Unregistered: The person has not registered to the platform nor been sent an invitation to register
    • Pending: The person has been sent an invitation to register to the platform but has not yet registered
  • Actions: Allows resending an invitation to a person who has not yet accepted it

Invite members

Role requirement infoRole required: Group Manager or Organization Manager
Follow these steps to add new members at the organization or group level on Fluid Attacks' platform.
  1. Go to the Members section. You can access the organization-level section by clicking on its item in the collapsible menu. To access the group-level section, open the group from the Groups section and select the Members tab.

  2. Click on Invite a member. This causes a pop-up window to appear.
    Add new member on the Fluid Attacks platform

  3. In the pop-up window, enter the new member's email and role. Only email addresses corresponding to valid Azure, Google, or Bitbucket accounts are accepted.
    Configure member on the Fluid Attacks platform

  4. Click the Confirm button to send the invite. The user then receives an email asking them to accept their invitation.

Notes:
  1. If the added person's email is not in the list of authors, a warning will ask you to confirm that they are part of your company.
  2. Invitations expire seven calendar days after delivery.
While you wait for the acceptance of the person you invited, their information in the Registration status is 'Pending', and a button is made available in the Actions column for you or other authorized member to resend the invitation if needed.

Invite member on the Fluid Attacks platform

Edit a member's role

Role requirement infoRole required: Group Manager
The Manage members button allows you to modify a member's role or delete the member. Follow these steps to edit roles:

  1. Select the member to edit and click on Manage members.
    Edit group member on the Fluid Attacks platform

  2. Select Edit from the drop-down menu.
    3. Edit member on the Fluid Attacks platform

  3. Modify the member's role in the pop-up window.
    Edit member role on the Fluid Attacks platform

  4. To save the changes, click on Confirm.

Delete members

Role requirement infoRole required: Group Manager or Organization Manager
The Delete option available in the Manage members menu allows you to delete one or multiple members. Follow these steps:
  1. In the Members section, select the members you want to delete by clicking their respective checkboxes on their left.

  2. Click on Manage members.

  3. Click the Delete button.
    Remove member on the Fluid Attacks platform

  4. A pop-up window appears, asking you to confirm the removal of the selected members.
    Confirm member removal on the Fluid Attacks platform

    5. However, if the selected people own credentials that are in use by the organization, you have to follow the link to Scope and change the credentials of the resources that are shown to you in the window. Then you may come back and successfully delete the member.
    Change credentials to delete member on the Fluid Attacks platform

    If the selected people own unused credentials in the organization, you are informed that by proceeding you delete those credentials as well.
    Delete credentials and member on the Fluid Attacks platform

  5. Clicking Confirm or Continue automatically deletes the selected members from either the entire organization or the specific group, depending on the Members section you are currently in.
Notes:
  1. Members are always subject to automatic removal after a period of inactivity.
  2. You can modify the organization policy that specifies the number of days of inactivity after which members are automatically removed from groups.
  3. The above policy defaults to 90 days.

Export the members table

Role requirement infoRole required: Group Manager or Organization Manager
Note: Vulnerability Managers can view and export the members table at the group level.
Clicking the Export button downloads a CSV file containing all the information displayed in the members table you are currently viewing.

Export members on the Fluid Attacks platform

Search the members table

Role requirement infoRole required: Group Manager or Organization Manager
Note: Vulnerability Managers can search the members table at the group level.

The search bar filters the information displayed by the table. Just type the content you are looking for so that only the rows containing it are shown.

Filter the members table

Role requirement infoRole required: Group Manager or Organization Manager
Note: Vulnerability Managers can filter the members table at the group level.

The group-level members table offers filters accessible by clicking the filters button (Find filter button on the Fluid Attacks platform).

Filter members table on the Fluid Attacks platform

You can filter member data by Role and Registration status. Click Apply to proceed.

Use filters in Members on the Fluid Attacks platform


Free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.