New Feature: Row-Level Security & Role-Based Access Controls (RBAC)

Why we built Row-Level Security & Role-Based Access Controls

Arnica developed these enhancements to efficiently identify, categorize, and mitigate risks while ensuring data visibility is limited to relevant stakeholders. AppSec teams can confidently assign and prioritize tasks, leveraging row-level and product-level security for secure access to findings and dashboards.

• Improved Data Security: The integration of row-level security and RBAC minimizes the risk of unauthorized data access, ensuring that sensitive information is only available to the right people.

• Streamlined Collaboration: By assigning roles and permissions, teams can work more efficiently, with access tailored to their responsibilities.

• Improved Developer Experience: Only show the relevant findings, risks, and product-level information to developers so that they can focus on risk mitigation they can affect.

• Regulatory Compliance: Adhering to data governance policies is easier with automated enforcement of access controls.

• Customizable Policies: Administrators have the flexibility to implement policies that reflect organizational needs and workflows.

What we built  

Role-Based Access Control (RBAC)

Enhance security, support compliance, and reduce risks with Arnica’s role-based access controls. Now, admins can assign roles to users which determine their level of access to resources and functionalities. Create custom roles for unique organizational requirements. Granular permissions ensure users only access what they need, managed through a centralized interface for easy updates.  

Row-Level & Product-Level Security

Arnica’s row-level security feature allows admins to control access to individual rows in a table based on their users’ identity or their assigned roles. Implement fine-grained access controls by applying filtering logic to restrict which rows a user can query, update, or delete.  

Within this workflow, we’ve also introduced new product-level security. Now developers can only see and engage with products they’re assigned to, preventing exposure to other risk findings from across the organization. This prevents unnecessary exposure and helps devs focus on the backlog risks they can fix themselves.

What’s Next?

Try Arnica’s Enterprise tier free for 14 days to experience the new risk backlog management workflows including RBAC and row-level security functionality.