Instance Administrator

Learn more about the Cortex XDR predefined user role called Instance Administrator.
The
Cortex
XDR
predefined user role called
Instance Administrator
provides full access to the app instance for which this role is assigned.
The Instance Administrator can also make other users an Instance Administrator for the app instance. If the app has predefined or custom roles, the Instance Administrator can assign those roles to other users.
The Instance Administrator can only assign permissions to the other user from the
Cortex
XDR
Management Console.
Instance Administrator
Navigation Headings
Components
Permissions
Additional Action Permissions
None
View
View/Edit
Edit/None
DASHBOARDS & REPORTS
Dashboards
Ingestion Monitoring
Reports
INCIDENT RESPONSE
>
Incidents & Alerts
Alerts & Incidents
>
Investigation
Query Center
Personal Query Library
Forensics
Host Insights
>
Response
Action Center
Isolate
Terminate Process
Quarantine
EDL
File Retrieval
File Search
Destroy Files
Allow List/Block List
Disable Response Actions
Remediation
Delete Quarantined files
Agent Scripts Library
Run Standard Script
Run High-Risk Script
Script Configurations
Live Terminal
DETECTIONS & THREAT INTEL
>
Detections
Rules
Prevention Rules
Request WildFire Verdict Change
Assets
Network Configuration
Compliance
Asset Inventory
Endpoints
Endpoint Administrations
Endpoint Management
Retrieve Endpoint Data
Endpoint Scan
Change Managing Server
Pause Protection
Endpoint Groups
Endpoint Installations
Endpoint Prevention Policies
Global Exceptions
Endpoint extension policies
Endpoint Profiles
Host Firewall
Device Control
Rules
Exceptions
Settings
>
General Settings
Auditing
General Configuration
Alert Notifications
>
Cortex XDR - Analytics
On-demand Analytics
>
Broker VMs
Broker Services
Pathfinder Applet
Pathfinder Data Collection
>
Data Collection
Log Collections
External Alerts Mapping
>
Integrations
Public API
Threat Intelligence
EDL Configuration

Recommended For You