Agent Scripts Library permissions ↗
Configure Agent Script Library permissions.
The Agents Script Library in the Action Center ( → → → ) enables security teams to create, manage, and execute Python scripts on endpoints for response actions, forensic collection, and custom automation.
Permission | Description | Roles Example |
|---|---|---|
None | No access to the Agent Script Library. Users cannot run scripts on endpoints, access script execution history, create, edit, or delete scripts. | |
View | Users can access the Agent Script Library and view the script list, details, and code. Download the script code and definitions file and view the script history and results. | SOC Analyst Tier-1: Should have visibility into scripts and execution history, but no execution capabilities. |
View/Edit | When set to View/Edit, the following action checkboxes become available:
For more information, see Run agent scripts on an endpoint | SOC Tier 2 and 3 Analysts, Threat Hunters, and Security Engineers should have full access with granular controls. |
Sub-permission | Description | Roles Example |
|---|---|---|
Run Standard Scripts | Enables execution of standard scripts, which are lower-risk operations that don't make significant system changes, such as data collection, log retrieval, or read-only queries.
| SOC Tier 2 and 3 Analysts, Security Engineers, Threat Hunters. |
Run High-Risk Scripts | Enables execution of scripts marked as High-Risk, which can make significant system changes, including file modifications, process termination, registry changes, or system configuration alterations. These scripts require elevated permissions due to their potential impact.
TipConsider adding Run Standard Scripts. High-risk scripts permission is typically granted alongside standard scripts. | SOC Tier-3 Analysts, Security Engineers, and Threat Hunters. |
Script Configurations | Controls the ability to create, edit, clone, and delete scripts in the Agents Script Library. This is separate from the ability to run scripts.
| Security Engineer |