Advanced Access Management

Control experiment permissions with users, teams, and environments

With role-based access control (RBAC) and custom environments, Steadybit gives you full control over the access and permissions of your users.

  • Define environments with metadata, custom attributes, and tags
  • Assign teams to specific environments to limit access
  • Manage fine-grained permissions for users and roles

Create Environments

Group your discovered targets into defined environments with parameters

Assign Users to Teams

Invite and group users into teams with granular permissions

Set Team Permissions

Designate which actions, such as attacks and checks, a team is allowed to use in which environment

Define environments to organize target limits for teams

Environments in Steadybit allow you to organize groups of discovered targets. You can use environments to limit the scope of testing and ensure that no team unintentionally impacts infrastructure from another team.

We make it easy with a Query UI, or you can use our intuitive query language with metadata and tags to fully control and customize the logic.

Create teams and invite users

Admins in Steadybit can create teams to organize users with fine-grained access controls. For example, you might create teams to group users by skill level, project assignments, or job function. By default, users will be able to view all experiments as read-only. They will only be able to manage or run experiments after they have been added to a team with sufficient permissions.

You can synchronize teams with your identity provider (IdP) using an OIDC attribute, or with LDAP if you’re working On-Prem.

Set team-level action permissions

For each team, you can specify exactly which actions are available to users, including which attacks a team is permitted to execute and which environments the team is allowed to operate on. We recommend thinking of these permissions as a maximum blast radius for a given team.

Associate teams with environments

Once you have specified the team’s user permissions, you can assign the team to specific environments. This RBAC functionality allows you to fully manage users with confidence. Users can be added to multiple teams and teams can be assigned to multiple environments.

For example, if you have a group of users who are brand new to running experiments, you can add them to a team with limited access to only a few attack types and assign them to a narrowly-defined environment to reduce the potential blast radius.
