Understand how to use Teams to mimic your company’s structure better and address its needs.
Please note that this feature is only available for Probely Plus.
Teams provide a way for you to group Users, API keys, and Targets in one place so that managing them becomes easier and time-efficient.
You can create multiple teams for one account. Teams act as independent units/groups and help you separate and assign targets for each team, limit the number of targets, set scopes, and user roles. One user can be added to different teams and assigned roles that don’t affect one another, such as an admin, developer, or a custom role.
Teams allow you to:
- Manage users and targets in bulk, increasing your account management efficiency
- Assign a target quota, limiting the number of targets a team can create
- Reserve target slots, preventing other teams from using the reserved target slots
You can create Teams on your account to mimic your organization’s structure, adding a team for each department or group of individuals working in the same context/projects. Then you can add those projects as targets to the team, so everyone on the team can access them.
Teams are particularly relevant if you need to define team members’ access to specific projects.
Use Case #1 - Mimic your company’s structure with teams
The most common case is when your organization has different teams (or business units), and each team owns different projects or responsibilities. You don’t want a member of team A to see or start scans on targets from team B and vice-versa.
You can even go deeper and set limits on the number of targets for a particular team. Imagine that team B has 10 targets and the license for the 10 targets comes from their budget. You can limit and reserve 10 targets for that particular team so that they cannot exceed the 10 targets, and no other team can “steal” from their 10 slots.
Use Case #2 - Using Teams as groups and managing user access
Suppose a team member needs to be able to list some targets and start scans. Instead of giving them access to the whole account or setting up a target-specific role for all targets, you can add the corresponding targets to the team and assign a team-specific role to that team member.
It may also be the case that a certain team member requires access to more than one team or even different types of access roles, depending on the scope. One team member can have different roles on different scopes and access several teams or even the entire account depending on the roles/scopes given to them.
For example, a user that works on multiple projects at once can simultaneously have the following roles:
- Developer for the entire account, in which case you should assign it the Developer role on the account level scope, allowing it, for instance, to view every target.
- SecOps for a specific group of projects, in which case you should assign the SecOps role on a specific Team.
- Admin for a specific project they manage, in which case you should assign the Admin role to another Team or even a specific target.
Use Case # 3 - Using API keys to manage access within teams
You can do the same for API Keys by accessing the new menu entry API Keys and either adding a new API Key or editing an existing one.
Just like for Users and API Keys, you can also define a specific target’s scope by adding a new target or editing an existing one. Suppose you assign a target to a team. In that case, members of that team can access it. Depending on the role they have in the context of that team, what they can do on the target may vary.
Suppose the target is bound to the account / global level. In that case, only users with a Global role can list/view/change or otherwise interact with that target. Depending on their role in a global/account context, what they can do on the target may vary.
- A user with Global (account) access can access all targets
- A user with access to a specific team can only access targets that belong to that team
Note that a target can only belong to a team at once. Suppose a specific target belongs to a team, and you need to allow a user to access that target but don’t want to give them access to every target from that team. In that case, you can always assign a target-specific role to that user, going to the Users list, as explained above.