Organizations

Organizations let multiple users collaborate under a single shared workspace. Scans, targets, vulnerabilities, webhooks, and reports are visible to every member of the organization, so your team can work together without duplicating effort or juggling separate accounts.

Creating an organization

Go to Settings → Organization and enter a name, then click Create Organization. The user who creates the organization becomes its owner. All of your existing scans, targets, vulnerabilities, and webhooks are automatically migrated into the new organization.

Note: A user can belong to only one organization at a time. If you already belong to an organization, you must leave it before creating or joining another.

Roles and permissions

Every organization member is assigned one of three roles. Roles determine what actions a member can take within the organization.

| Role | Capabilities |
|------|--------------|
| Owner | Full control. Can manage members, change roles, transfer ownership, update the organization name and logo, send and cancel invitations, and delete the organization. There is exactly one owner per organization. |
| Admin | Can manage members (invite, remove), update the organization name and logo, and send or cancel invitations. Cannot change member roles or transfer ownership. |
| Member | Can view and use all shared resources (scans, targets, vulnerabilities, reports) but cannot manage other users or change organization settings. |

Inviting users

Owners and admins can invite new users from the Organization settings page.

  1. Enter the email address of the person you want to invite.
  2. Choose a role — Admin or Member.
  3. Click Send Invitation. The invitee receives an email with a link to accept.

Invitations expire after 7 days. If an invitation expires or the recipient hasn't acted on it yet, you can resend it from the pending invitations list. You can also cancel a pending invitation at any time.

When the invitee accepts, they join the organization with the assigned role and their existing scans, targets, vulnerabilities, and webhooks are migrated into the shared workspace.

Info: The invitation must be accepted by a user whose email address matches the one in the invitation. If the invitee does not yet have a Panoptic Scans account, they will be prompted to register first.

Removing users

Owners and admins can remove members from the organization settings page by clicking Remove next to the member's name. The removed user loses access to all shared resources. If the removed user held the organization's subscription or Vanta connection, those are automatically reassigned to the next eligible member (see below).

Members can also choose to leave voluntarily by clicking Leave Organization. The owner cannot leave — they must transfer ownership first or delete the organization.

Changing roles

Only the organization owner can change a member's role. From the member list, select a new role (Admin or Member) and save. The owner role itself cannot be assigned this way — use Transfer Ownership instead.

Transferring ownership

The current owner can transfer ownership to any other member of the organization. After the transfer, the previous owner is demoted to Admin and the new owner gains full control. This is useful when the original creator is leaving the team or a different person should manage the account.

Subscriptions

An organization's plan is determined by its subscription holder — the member whose paid subscription provides the plan tier for the entire organization. All members of the organization share the features and limits of that plan.

The subscription holder is assigned automatically:

  • When the organization is created, the owner becomes the subscription holder if they have a paid plan.
  • When a member with a paid plan joins an organization that has no subscription holder, they are automatically assigned.
  • When any member completes a checkout or switches plans, they become the subscription holder for their organization.

If the subscription holder leaves the organization or their subscription is cancelled, the platform automatically selects the next best candidate — preferring the owner, then admins, then members, and choosing the highest-tier paid plan among them. If no remaining member has a paid plan, the organization's subscription holder is cleared and the organization operates on the default plan.

Important: Each member's individual subscription stays with their account. The organization simply looks to one designated member's plan to determine the shared tier. If you need to upgrade the organization, the subscription holder (or any member) can upgrade their plan from the billing page.

Vanta integration

The Vanta integration works at the organization level. One member connects their Vanta account and becomes the organization's Vanta connection holder. Scan results for the entire organization are then synced to Vanta through that member's OAuth tokens.

  • When a member connects to Vanta from their profile settings, they become the organization's Vanta connection holder.
  • If a new member joins who already has a Vanta connection and the organization doesn't have one yet, they are automatically assigned.
  • If the current Vanta connection holder disconnects from Vanta or leaves the organization, the platform reassigns the connection to the next member who has a valid Vanta connection — preferring the owner, then admins, then members.

This means your compliance evidence continues to flow even if the person who originally connected Vanta is no longer on the team, as long as another member has an active Vanta connection.
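The fallback rules in the Subscriptions and Vanta integration sections can be modelled offline to find handover gaps before a holder leaves. This is an added example, not Panoptic Scans code: the Member record, the plan tier names, the function names, and the reading of "owner, then admins, then members" as taking precedence over plan tier are all assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional

ROLE_PRIORITY = {"owner": 0, "admin": 1, "member": 2}  # preference order stated on the page
PLAN_RANK = {"free": 0, "pro": 1, "enterprise": 2}     # assumed tier names, not from the page

@dataclass
class Member:
    email: str
    role: str
    plan: str = "free"
    vanta_connected: bool = False

def next_subscription_holder(members: List[Member], excluding: str = "") -> Optional[Member]:
    """Best paid member other than `excluding`: role first, then highest tier (assumed tie-break)."""
    paid = [m for m in members if m.email != excluding and PLAN_RANK[m.plan] > 0]
    return min(paid, key=lambda m: (ROLE_PRIORITY[m.role], -PLAN_RANK[m.plan]), default=None)

def next_vanta_holder(members: List[Member], excluding: str = "") -> Optional[Member]:
    """Next member with a valid Vanta connection, preferring owner, then admins, then members."""
    connected = [m for m in members if m.email != excluding and m.vanta_connected]
    return min(connected, key=lambda m: ROLE_PRIORITY[m.role], default=None)

def handover_gaps(members: List[Member], sub_holder: str, vanta_holder: str) -> List[str]:
    """Report what has no successor if the current holders leave, cancel, or disconnect."""
    gaps = []
    if sub_holder and next_subscription_holder(members, excluding=sub_holder) is None:
        gaps.append("subscription: no other paid member, organization would use the default plan")
    if vanta_holder and next_vanta_holder(members, excluding=vanta_holder) is None:
        gaps.append("vanta: no other member has a Vanta connection to take over")
    return gaps

# Constructed sample organization; addresses and plans are illustrative only.
ORG = [
    Member("owner@example.test", "owner"),
    Member("admin1@example.test", "admin", plan="pro", vanta_connected=True),
    Member("admin2@example.test", "admin", plan="enterprise"),
    Member("member1@example.test", "member", plan="enterprise"),
]

if __name__ == "__main__":
    holder = "admin1@example.test"  # current subscription and Vanta holder in the sample
    print("next subscription holder:", next_subscription_holder(ORG, excluding=holder).email)
    for gap in handover_gaps(ORG, holder, holder):
        print("GAP", gap)
```

In the sample, the subscription has a successor but the Vanta connection does not, so a second member should connect Vanta before the current holder is removed.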

Report logos

Organizations can upload a custom report logo that appears on generated PDF scan reports in place of the default Panoptic Scans branding. This is useful for consultancies and managed service providers who deliver reports to their own clients.

  • Owners and admins can upload or remove the logo from Settings → Organization.
  • The logo applies to all scan reports generated for the organization.
  • Supported format is PNG. For best results, use a logo with a transparent background.

Shared resources

Once an organization is created, the following resources are shared across all members:

  • Scans — All scans are visible to every member regardless of who created them.
  • Targets — Targets are shared so any member can create scans against them.
  • Vulnerabilities — Findings are aggregated organization-wide for unified triage.
  • Webhooks — Webhook configurations apply to the organization as a whole.
  • Reports — Any member can download or export reports for organization scans.