When you invite a user to UpGuard, you can set permissions base on a custom role or set custom permissions for the specific user. In general, we recommend relying on roles as it makes it easier to manage your account as you scale.
Set permissions is broken down into four sections:
The Account section lets you select a role and decide whether the user(s) can administer your UpGuard account (invite users and access settings)
The BreachSight section lets you toggle BreachSight on or off. Once toggled on, you can decide whether to grant full or read-only access to BreachSight's core features (Executive Summary, Risk Profile, Risk Waivers, Domains, IP Addresses, Vulnerabilities, and My Shared Profile). You can also enable or disable Identity Breaches and Typosquatting features.
3. Vendor Risk
The Vendor Risk section lets you toggle Vendor Risk on or off. Once toggled on, you can decide whether to grant full or read-only access to Vendor Risk's core features (Executive Summary, Portfolio Risk Profile, Vendors, Remediation, Questionnaires, Shared with Me, and Fourth Parties). You can also enable or disable Risk Assessment and Questionnaire Builder features.