Members & roles

Members are the people in your organization. Each member has a role that sets the baseline of what they can do, and finer-grained access is layered on top with allow-rules.

BestDefense uses a small set of roles:

  • Admin — manages the organization: members, teams, billing, integrations, and settings. Admins have the broadest access.
  • Editor — creates and manages scans, reports, and integrations, subject to the allow-rules assigned to them.
  • Viewer — read-only access. Viewers can open reports and explore findings but can’t change anything.

Roles set sensible defaults. To grant or restrict specific actions beyond the role — like triggering remediation or managing integrations — use allow-rules.

To invite a member:

  1. Open your organization’s members area.
  2. Choose to invite a member and enter their email address.
  3. Pick the role they should have.
  4. Send the invite.

The invitee receives an email, acknowledges it, and accepts the invite to join your organization. Until they accept, the invite is pending.

For pending invites you can:

  • View the list of outstanding invites.
  • Resend an invite if it was missed.
  • Cancel an invite that’s no longer needed.

Admins can change a member’s role or remove a member from the organization. Removing a member revokes their access to the organization, including every team they belonged to.