FutureVuls > English > Settings > Organization Settings

Organization Settings

Organization settings are only visible in the menu for users with owner privileges.

Organization

You can change the total number of registered servers and language settings for the organization.

Item	Description
Organization name	Name set when the organization was created
Total number of registered servers	Total number of servers registered in the organization
Scan all servers manually	Scan all servers in the organization at once
Payment method	Payment method of the organization
Setting the language of the organization	Change the language of error messages and other messages sent during the scan

batch scan all servers

This feature is also available on the Standard plan on a trial basis.

Performs a batch manual scan of all servers registered in the organization, using the package information from the most recent scan.

Once an organization batch scan is performed, it cannot be performed again for one hour. Please check the date and time of the last batch scan and rescan after one hour has elapsed.

The actual equipment will not be accessed. Also, only servers that have been scanned during the transition to April 2021 will be scanned.

Members

You can grant “Owner” and “CSIRT” privileges to members invited to the organization, manage groups they belong to, and delete members.

Owner Authority Settings

Users who have been granted “Owner” privileges can configure all “Organization” and “Group” settings.

Press the “Change permissions” button for the user in question to change the user’s permissions.

Managing Groups to which a user belongs

Click the Group Management icon to view and edit the groups to which members belong.

Invite a member to the Organization

Click “Add User” at the bottom of the list to display a dialog box for adding a user.

You can add multiple users to an organization at once by entering newlines or comma separated lines.

Invited users are not assigned to a group and cannot check vulnerability information, etc. Please invite them to a group.

Deleting an organization member

If you delete a member from the “Organization Settings”, the account information will be deleted from the organization and the member will not be able to access the organization.

To delete a member from the organization, click the ⊖ icon of the member to delete.

The user’s account will remain in FutureVuls even if the user is removed from the organization. See [remove user from org](/en/manual/user_management/#remove userfromorg) for details.

Groups

You can manage groups in the org or create new groups.

Create Group

Click “Create Group” at the bottom of the list to open a dialog box to create a new group. Enter a group name and create it.

To delete a group, you can delete it from the group’s detailed settings screen (click the group settings button at the right end of the list).

User Management

Click the User Management icon to view and edit users belonging to a group.

Transition to the group

Clicking the icon in the center will take you to the vulnerability page of the group. Also, click the gear icon on the far right to go to the group’s detailed settings page.

If you do not have group administrator privileges, the gear icon on the far right will be disabled.

Also, a “Join” button will appear for groups to which you do not belong, and you can join the group by clicking the button.

Group Set

Available only for CSIRT plan org.

You can create a group set that binds multiple groups together. See groupset for details.

Set up automatic triage

Available only for CSIRT plan org.

You can configure automatic triage settings to automatically grant Danger status or hide the relevant vulnerabilities. For details, please refer to automatic Danger grant.

Audit Log

Available only for CSIRT plan org.

Allows you to check the history of user operations performed in the organization. See audit log for details.

Special alert tags

Available only for CSIRT plan org.

You can set your own alert tag for vulnerability information. See special alert tags for details.

Security

Make two-factor authentication mandatory for organization members

You can prevent members of your organization from performing operations if they have not set up two-factor authentication.

When you press the MFA settings switch, a confirmation dialog will appear, and you can enable the settings by clicking the “OK” button. If this setting is enabled, members of the organization who have not set up two-factor authentication for password login will see a message and will not be able to perform operations. You can enable the operation by enabling two-factor authentication from “Profile > Two-Factor Authentication”.

Note that when logging in with SSO or using Google login, operations will not be restricted even if two-factor authentication is not set up. If you want to make two-factor authentication mandatory, please configure it on the provider side.

To turn off the settings, you can disable them by pressing the MFA settings switch again under “Security”.

Restrict access using IP address

IP restrictions are available by adding a range of IP addresses (in CIDR format) to the organization’s configuration page.

Details of IP address restrictions are as follows.

If no IP range is set, connections from all IP addresses are allowed
If even one IP range is specified, access is allowed only from the specified IP range.
The IP address of the configurator (the person connecting) cannot be restricted (you must first specify your own IP address)
What is restricted by this IP restriction is the console screen and the developer API (uploads from the scanner are not restricted)

How to set up

Open the configuration page of the organization and click ADD on the Register accessible IP addresses card.

Enter the IP address you want to allow in CIDR format and click SUBMIT.

If the registered IP address is displayed as shown below, the IP restriction is enabled.

Configuration

Copy server information to another group

This function supports when you want to move the registered server to another group.

This function does not support transferring servers between organizations.

After selecting the server to be moved and the group to which the server will be moved, copying of the server information will begin.
The information of tasks registered on the source server is subsequently copied to the copied server.
If the server is registered from the scanner, change the group ID and scanner token registered on the scanner.
- You can change them by deleting /opt/vuls-saas/config.toml in the server and then install scanner from group settings at the destination.
After migration, please check the new server and delete the old server.