User and Access
The "Users" and "Access" sections manage user accounts, roles, and permissions, ensuring controlled access to the system and its resources based on assigned privileges.
An overview of the currently active roles can be found in the "Users & Access" > "Roles" section from the main menu on the panel on the left-hand side of the screen.
There are three main user types in Kikimora:
Super Admin - a Kikimora administrator;
Security Analyst
IT Engineer
Click on "Users & Access" > "Users to see" the users (with their names, emails, company names, etc.) and their roles and status.
To delete a user, click on the three dots menu in the "Actions" column at the end of the user's row, and click the "Delete" button. Click on the edit icon again in the "Actions" column to edit a user's details, role, and status.
Roles Access Detailed Description
Below is a detailed description of what each role has access to. The tick mark [✅] means the user has full access to all functionalities, and the cross mark [❌] means a user has access to none. [N/A] implies that the access is Non-applicable. Any partial access is described additionally.
Manage System Licence
all
✅
❌
❌
Own profile + password management
✅
✅
✅
Projects
List records
✅
own projects only
❌
Create
✅
✅
❌
View/read a single record
✅
Can only read their own projects
❌
Update
✅
Can only update their own projects
❌
Delete
✅
Can only delete
their own projects
❌
Projects > Inputs
List records
✅
Can list only inputs for own projects
❌
Create
✅
Can create inputs for own projects
❌
View/read a single record
✅
Can read inputs for own projects
❌
Update
N/A
N/A
N/A
Delete
N/A
N/A
N/A
Projects > Vulnerabilities
List records
✅
Only vulnerabilities added to their projects
Only if they are some of the owners of the vulnerability
Create
✅
Only vulnerabilities for their own projects
❌
View/read a single record
✅
Only their own vulnerabilities
Only if they are some of the owners of the vulnerability
Update
✅
only their own vulnerabilities
Only owners can update the status, impact, remediation, and comment fields. Note: They cannot change the ownership
Delete
✅
only their own vulnerabilities
❌
Change log
✅
only of their own vulnerabilities
only if they are one of the owners of the vulnerabilities
Projects > Attached documents
List records
✅
❌
Create
✅
❌
View/read a single record
✅
Only documents attached to their own projects
❌
Update
N/A
N/A
N/A
Delete
✅
Only documents attached to their own projects
❌
Networks
List records
✅
✅
only if they are some of the owners of the network
Create
✅
✅
❌
View/read a single record
✅
✅
only if they are one of the network owners
Update
✅
✅
❌
Delete
✅
✅
❌
Users
List records
✅
❌
❌
Create
✅
❌
❌
View/read a single record
✅
❌
❌
Update
✅
❌
❌
Delete
✅
❌
❌
Dashboard
List records
✅
✅
❌
Consulting
Create
✅
✅
❌
View/read a single record
✅
✅
❌
Global assets
List records
✅
✅
only if one of the global asset owners
Create
✅
✅
❌
View/read a single record
✅
✅
only if one of the global asset owners
Update
✅
✅
❌
Delete
✅
✅
❌
Last updated