Skip to main content

User Permissions

Tyler Benson
  • Updated

Team: Huntress EDR
Environment: Portal, Dashboard
Summary: How to set Huntress User Roles. 

 

Setting Huntress User Permissions

Account-level

Organization-level

For information on adding or managing users, see this article: Managing Huntress Users.

If you have larger customers who need their own reporting integration, but still require your expertise (co-managed IT for example), you can submit the form below to initiate the process to become a Huntress Reseller.

Account-level 

NOTE: Account level Admins/Users can access any organizations listed under the account


Admin

Admins have full access to modify everything across Huntress and can view/modify billing information. 

 

Security Engineer

Security Engineers can perform most security functions such as host isolation or assisted remediation, but cannot view/edit billing.

Security Engineers cannot

  • Create/Modify/Delete Account-level users
  • Create/Modify/Delete Organizations
  • View/change billing information (including invoices and contracts) 

Security Engineers can

  • Approve/Reject Assisted Remediation
  • Manually isolate or de-isolate hosts
  • Download the Huntress installer (and view the account key)
  • Manage Incident Reports
  • Do bulk Managed AV actions such as quick/full scan, update or change audit/enforce mode
  • Add/remove exclusions
  • Change global preferences such as SAML SSO or manage Host Isolation settings
  • Act on an Escalation (Resend Report or Resolve)     
  • Bulk move or remove agents across organizations          

 

User

The User role is similar to the Security Engineer role but has less access overall. These are the differences:

Users cannot:

  • Download Agent
  • Access Account Key
  • Manually isolate or de-isolate hosts
  • Add/remove exclusions
  • Manage Incident Reports
  • Change global preferences such as SAML SSO or manage Host Isolation settings
  • Perform managed AV actions
    • Do any bulk Managed AV actions such as quick/full scan, update or change audit/enforce mode
    • Change Managed AV configuration on either account, org or single machine scope
    • Force a Managed AV scan on a single target

Users can

  • Create/Modify/Delete Organizations
    • This is the only access that Users have that Security Engineers do not. We are considering removing this capability from the User role in the future.

Finance

  • Limited to Billing and Invoices areas ONLY
    • View Past Invoices
    • View breakdown of agents per organization in an invoice 
    • View payment receipts 
  • Update Payment Info
  • Update Billing Info

Marketing

Marketing users can only access the Partner Enablement Service (PES).

 

Read-Only

Read-only users can see everything as a User can, but cannot modify/delete/add anything across the Huntress Dashboard.  

Organization-level 

NOTE: Organization-level Admins/Users cannot view or access any other organization 

skip to Organization-level Admin

User

Organization-level users can see most things throughout their Huntress Organization.

Org-level Users can

  • View/Download Reports
  • View investigations (within their Org(s))
  • Uninstall individual Agents
  • View Binaries/Autoruns/Collected Files/Canaries/External Recon
  • Reject Assisted Remediation

Org-level Users cannot:

  • View or access any other organization
  • Download the Huntress installer (or view account key)
  • Modify/add user 
  • Modify/add integrations
  • Bulk remove agents across organizations
  • View/change billing information (including invoices) 
  • Receive alert emails about new Incident Reports 
  • Change global preferences
  • Change Managed AV configuration on either account, org or single machine scope
  • Do any bulk Managed AV actions such as quick/full scan, update or change audit/enforce mode
  • Add/remove exclusions
  • Manually isolate hosts
  • Manually deisolate hosts
  • Approve Assisted Remediation

Admin

An Organization-level Admin can do what Org-level users can plus: 

  • Approve Assisted Remediation
  • Add other Organization-level users
  • Edit Organization name(s)
  • Add/remove exclusions
  • Change Managed AV configuration
  • Perform bulk Managed AV actions 

Read-Only

Read-only users can see everything as a User can, but cannot modify/delete/add anything within the Organization.

 

 

Comments

0 comments

Please sign in to leave a comment.

Related articles