Groups provide structure and flexible access controls.

As an Organization Owner, you can manage access to your organization’s assets and their associated pentests and findings.

Watch a demo video going over the Groups feature:

Create a Group

Assign Organization Members into a group:

  • Navigate to the People page, and then to the Groups tab.
  • Select Create Group.
  • The Create Group screen prompts you for the following:
    • Group Name: Set up a descriptive name to easily identify the group.
    • Description: Add information to further describe the group.
    • Members: Select from a list of all Organization Members within your organization. These users will have exclusive access to the group’s associated assets, and their pentests and findings.
      • Organization Owners and Cobalt Staff will not appear in this list but will still have access to all assets.
      • Pentest Team Members that are not part of your organization can still be manually added to each pentest.
  • Select Create Group.

Create group page

View and Manage Groups

Groups main page

On the Groups page, you can:

  • Create a group
  • View all of the groups within your organization
  • Manage groups. Select the three-dot icon under Actions, and then select the desired option:
    • Edit Group to modify group details
    • Delete Group, if it doesn’t have associated assets

Group Details Page

Group details page

On the group details page, you can:

  • View associated assets
  • View group members
  • Edit group details
  • Delete the group, if it doesn’t have associated assets

Assigning a Group to an Asset

You can assign a group to multiple assets during asset creation or editing.

Groups field in asset form

  • The Asset screen will prompt you for the usual details.
  • You will additionally see an Assigned Group field. This is by default set to the ‘All Org Members’ group. Select from the dropdown to choose another group within your organization.
    • Organization Members will only be able to assign groups they are already part of when creating new assets, and do not have permissions to reassign the group once the asset has been created (Organization Owners and Cobalt Staff are able to do both).
  • Once created, the asset and any of its pentests and findings will be accessible to its assigned group.

Access and Permissions

Only Organization Owners can create, manage, and view all groups across their organization.

While assets can be associated with particular groups and their members, Owners will always still have access to all assets in the organization as well.

Organization Members only have read-only access to groups they are members of.

  • Org Members can view and manage assets that belong to their groups. They, however, cannot reassign an asset’s group once the asset has been created.
  • Org Members can access every pentest and finding that belong to their groups’ assets.

For more information about user permissions, see User Roles and Permissions.

Frequently Asked Questions

Click to view answers.

How do I know which group owns an individual pentest?

Will all of a pentest’s collaborators carry over when I copy the pentest?

Are groups required?

Was this page helpful?

Yes No Create an Issue

Last modified May.05.2024