Automation Exclusion Center permissions ↗
Configure Automation Exclusion Center permissions.
Controls access to the Automation Exclusion Center ( → → → ), which prevents a command or script from a remediation action. For more information, see Automation Exclusion Center.
Permission | Description | Roles Example |
|---|---|---|
None | Cannot access the Automation Exclusion Center, view any exclusion policies, or view excluded assets. | SOC Tier 1: Do not need to view exclusion policies or excluded assets. |
View | Can access the Automation Exclusion Center (read-only), view exclusion policies, excluded assets and counts, and view policy compliance status. | SOC Tier 2 and 3 Analysts and Threat Hunters: Need View access to help understand automation behavior. |
View/Edit | All View capabilities, plus create new exclusion policies, edit existing policies, delete policies, manage asset exclusions, and update policy rules. | Security Engineers: Need to configure automation behavior and permissions. |