Settings
Learn how to make important settings for your organization and account.
Last updated
Learn how to make important settings for your organization and account.
Last updated
You manage your central company data via the organization settings. Furthermore, organization-wide settings can be made:
Two-factor authentication for all team members Use this option to enforce 2FA for all users. Please note that 2FA must first be configured on the server side for a newly installed on-premises instance.
Submit technical analysis data Use this option to help us better counter new threats and vulnerabilities. Only technical data is transmitted, such as the manufacturer name and software version.
Third-Party: G Data CyberDefense Before you can use Defence you must accept the G Data Eula.
To protect your Enginsight environment from unauthorized access in addition to your password, you should set up a two-factor authentication.
Sensitive functions are always additionally protected by a second factor (e.g. creating plugins or changing settings). Nevertheless, we recommend to request an additional authentication already at login:
Go to Settings → 'User Account'
Open the 'Advanced Settings'
Activate the 'Two-Factor Authentification at Login'
Depending on what information you have stored in your user account, you will be offered different options for two-factor authentication:
Authenticator and cell phone number added: Authenticator and SMS are offered
Authenticator added, no cell phone number: only Authenticator is offered
Added cell phone number, no authenticator: only SMS is offered
SMS is offered neither authenticator nor cell phone number added: e-mail is offered
We do not recommend authentication via e-mail. Therefore, you should always provide a cell phone number or add an authenticator. By using both options, you minimize the chance of losing access to your Enginsight account for too short a time. If you still do not have access to your account, please contact support: support@enginsight.com
Go to 'Settings' → Multi-Factor Authentication
Click on 'Add Authentication Code'
Scan the QR-Code with the Authenticator App on your mobile device or enter the Authenticator Code manually
Test the Authentication via App
In the Team Members area you get an overview of all users that have been added to the specific organization.
You have only one organization?
Select Add new user, to add new users.
You have multiple organizations?
Add New User: Add a user who is not yet in a shared organization.
Invite existing user: Add a user to the organization that already exists in other shared organizations.
With roles, the 'Permissions' of all team members can be individually designed and easily managed. You can either create individual roles or assign system roles.
Go to 'Settings' → 'Team Members'
Click on the desired team member
Assign one or more roles to the user and save the settings.
Individual roles allow you to assign view, edit and delete rights for each individual function according to the needs of your work organization.
Go to 'Settings' → 'Roles'
Assign a name and a description.
Define under 'Permissions' which rights the respective role should have.
All important functions of the Enginsight platform can be assigned customized permissions.
The structure of each permission follows the same principle.
FUNCTION_ and following:
Permission | Meaning |
---|---|
* | All permissions of the corresponding function |
EDIT | Permission to make adjustments |
CREATE | Permission to add a new entry |
REMOVE | Permission to delete an entry |
If not all permissions are available for certain functions, this is because the operation is generally not possible. (For example, invoices cannot be deleted).
Permissions can be set for the following functions.
Permission | Meaning |
---|---|
* | All functions. |
PDFREPORTS | PDF-Reports |
Permission | Meaning |
---|---|
CONFIGURATIONLISTS | Configurations-Lists |
CONFIGURATIONPOLICIES | Configurations-Policies |
Permission | Meaning |
---|---|
ISSUES | Issues |
MAINTENANCES | Maintenance periods |
Permission | Meaning |
---|---|
HOSTS | Hosts |
PLUGINS | Plugins |
Permission | Meaning |
---|---|
ENDPOINTS | Endpoints |
Permission | Meaning |
---|---|
OBSERVATIONS | Observations |
Permission | Meaning |
---|---|
SHIELD | Shield |
Permission | Meaning |
---|---|
PENTEST | Open Penetration Testing |
AUDITS_CREATE | Start pentest |
AUDITS_VIEW | See pentest results |
AUDITTEMPLATES | Templates |
TARGETGROUPS | Target Groups |
HACKTORS | Hacktor |
Permission | Meaning |
---|---|
DISCOVERIES | Asset Discovery |
INVENTORY | |
WATCHDOG | Watchdog |
Permission | Meaning |
---|---|
ALERTS | Alerts |
WEBHOOKS | Webhooks |
Berechtigung | Bedeutung |
---|---|
ACCOUNT | Own Useraccount |
ACCESSKEYS | Accesskeys |
GROUPS | Groups |
INVOICES | Invoices (SaaS) |
ORGANISATIONS | Oganizations |
PAYMENTMETHODS | Payment methods (SaaS) |
ROLES | Roles |
SUBSCRIPTIONS | Subscriptions (SaaS) |
MEMBERS | Team members |
LICENCE | Licenses, Contingent Management (On-Premises) |
Reasonable authorization-combinations often depend on the individual needs of the respective IT department. We offer system roles for recurring requirements. Here we distinguish between owner, administrator, operator and guest.
Action Rights | Viewing Rights | No Access |
---|---|---|
🟩 | 🟨 | ⬜️ |
Owner | Administrator | Operator | Guest | |
---|---|---|---|---|
Dashboard | 🟩 | 🟩 | 🟨 | 🟨 |
Issues | 🟩 | 🟩 | 🟩 | 🟨 |
Hosts | 🟩 | 🟩 | 🟨 | 🟨 |
Endpoints | 🟩 | 🟩 | 🟨 | 🟨 |
Shield | 🟩 | 🟩 | ⬜️ | ⬜️ |
Penetration Testing | 🟩 | 🟩 | ⬜️ | ⬜️ |
Discoveries | 🟩 | 🟩 | ⬜️ | ⬜️ |
Observations | 🟩 | 🟩 | 🟨 | 🟨 |
Alerts and Issues | 🟩 | 🟩 | 🟩 | 🟨 |
Owner | Administrator | Operator | Guest | |
---|---|---|---|---|
User Account | 🟩 | 🟩 | 🟩 | 🟩 |
Password | 🟩 | 🟩 | 🟩 | 🟩 |
Multi-Factor-Authentication | 🟩 | 🟩 | 🟩 | 🟩 |
Roles | 🟩 | 🟩 | ⬜️ | ⬜️ |
Responsibilities | 🟩 | 🟩 | ⬜️ | ⬜️ |
Access Keys | 🟩 | 🟩 | ⬜️ | ⬜️ |
Groups | 🟩 | 🟩 | ⬜️ | ⬜️ |
Payment Methods (SaaS) | 🟩 | ⬜️ | ⬜️ | ⬜️ |
Plans (SaaS) | 🟩 | ⬜️ | ⬜️ | ⬜️ |
Invoices (SaaS) | 🟩 | ⬜️ | ⬜️ | ⬜️ |
Contingent Management (On-Premises) | 🟩 | ⬜️ | ⬜️ | ⬜️ |
Support | 🟩 | ⬜️ | ⬜️ | ⬜️ |
Define the responsibilities for the entire organization here. On the one hand, this is relevant for documentation reasons. On the other hand, you can use the definitions to efficiently manage your notifications in the event of alerts.
When you add an alert, the option "Inform responsible persons" is available. If you activate this option (default setting), the team members defined as security responsible will receive a notification.
In the case of alerts on hosts, the persons responsible for the host also receive a notification. In the case of alerts on endpoints, the corresponding endpoint owners receive a notification.
In addition, note the option to assign separate responsibilities for individual assets. The technical responsible person defined here also receives a notification if the "Inform responsible person" option is active for an alert.
Group your team members to efficiently assign the notification via alerts. For example, create a group for management, departments or admins.
Groups are independent of team member permissions. You always define permissions using roles.
In SaaS, you purchase a license by booking a subscription. Individual subscriptions apply to each organization. This means that you book one subscription per organization with its own contingents and periods. Newly created organizations therefore do not have a booked subscription at first. However, for a test period of 14 days you can already work with a small contingent.
Use the role model to restrict access to the subscriptions.
You always book the subscriptions for your organizations in the corresponding organization. Therefore, first always switch to the organization for which you want to book a subscription. Go to Settings → Subscriptions→ Checkout.
First, select the payment interval you want. You can choose between a monthly and yearly payment method. If you pay once a year, you will receive a discount.
Your SaaS account already includes a server license. In the next step, select additional licenses.
Server License: Authorized to install a Pulsar Agent on a server operating system.
Client License: Authorized to install a Pulsar Agent on a client operating system.
Endpoint License: Authorized to monitor an endpoint (website or URL).
The other functions of the Enginsight platform (e.g. asset inventory, penetration testing, ping/port checks and SNMP) only require SaaS access and are not licensed separately.
Select the preferred payment method or add a payment method.
You have the choice between:
Credit card and
SEPA direct debit.
Specify your billing address. By default, the organization's address is entered. However, you can choose a different invoice address as well as a different invoice recipient.
You can make adjustments to your booked subscriptions at any time. Payments that have already been made will be offset.
Offsetting will happen on the invoice document only. The platform will always show you the cost of the selections made.
To cancel a subscription, click Cancel at Settings → Subscriptions. There are no cancellation periods.
You will receive the invoices as an email. You can also retrieve them in the corresponding organization at Settings → Invoices.
Use the role model to restrict access to the invoices.
Learn how to manage your licences and organisations in the On-Premises version of Enginsight.