Skip to content

User Profile

Profile (icon in the top-bar right) — personal account settings.

Particulars

  • First and last name — how teammates see you.
  • Avatar — upload a photo or auto-generate from initials.
  • Email — used for login and notifications. Changing requires verification of the new address.
  • Phone — optional, for SMS notifications about critical findings (Enterprise).
  • Job title — for context in reports ("approved by Jane Doe, CISO").

Security

Changing password

  1. Profile → Security → Change password.
  2. Enter current password + new twice.
  3. Save.

All active sessions except the current one are automatically terminated (force logout).

Two-factor authentication

See Sign Up and Login.

Active sessions

Profile → Security → Active sessions — list of all your active sessions (browser, OS, IP, last activity).

  • Sign out — a specific session.
  • Sign out everywhere — all except the current one.

API tokens

If you use the platform via API (your own automation, scripts):

  1. Profile → API tokens → Generate new.
  2. Give it a name (for clarity).
  3. Pick scopes (read-only / read-write / specific permissions).
  4. Save the token — it's shown only once, only a hash is stored afterward.

Details — REST API.

Preferences

  • Language — Ukrainian / English. Applied immediately without re-login.
  • Theme — Light / Dark / System.
  • Timezone — for timestamp display. Defaults to the organization's tz.
  • Email digestinstant / hourly / daily / weekly — how often to receive a notification digest.

Notification preferences

Per-user settings (in addition to the organization's rules):

  • Which finding types to show as in-app notifications.
  • Whether to receive digests.
  • Digest delivery time (e.g., "09:00 in my timezone").

Report subscriptions

The list of reports you're subscribed to. You can:

  • Unsubscribe — stop receiving.
  • Subscribe — to an existing report.

Account deletion

  1. Profile → Account → Delete account.
  2. If you are the only Admin of an organization — promote another user to Admin first.
  3. Confirm with password.
  4. 30 days to cancel — message support and your account is restored.
  5. After 30 days — data is permanently removed. Attribution in findings/audit log becomes [deleted user].