Team: Huntress EDR
Environment: Portal, Dashboard
Summary: How to set Huntress User Roles.
Setting Huntress User Permissions
Account-level
Organization-level
For information on adding or managing users, see this article: Managing Huntress Users.
If you have larger customers who need their own reporting integration, but still require your expertise (co-managed IT for example), you can submit the form below to initiate the process to become a Huntress Reseller.
Account-level
NOTE: Account level Admins/Users can access any organizations listed under the account
Admin
Admins have full access to modify everything across Huntress and can view/modify billing information.
Security Engineer
Security Engineers can perform most security functions such as host isolation or assisted remediation, but cannot view/edit billing.
Security Engineers cannot:
- Create/Modify/Delete Account-level users
- Create/Modify/Delete Organizations
- View/change billing information (including invoices and contracts)
Security Engineers can:
- Approve/Reject Assisted Remediation
- Manually isolate or de-isolate hosts
- Download the Huntress installer (and view the account key)
- Manage Incident Reports
- Do bulk Managed AV actions such as quick/full scan, update or change audit/enforce mode
- Add/remove exclusions
- Change global preferences such as SAML SSO or manage Host Isolation settings
- Act on an Escalation (Resend Report or Resolve)
- Bulk move or remove agents across organizations
User
The User role is similar to the Security Engineer role but has less access overall. These are the differences:
Users cannot:
- Download Agent
- Access Account Key
- Manually isolate or de-isolate hosts
- Add/remove exclusions
- Manage Incident Reports
- Change global preferences such as SAML SSO or manage Host Isolation settings
- Perform managed AV actions
- Do any bulk Managed AV actions such as quick/full scan, update or change audit/enforce mode
- Change Managed AV configuration on either account, org or single machine scope
- Force a Managed AV scan on a single target
Users can:
- Create/Modify/Delete Organizations
- This is the only access that Users have that Security Engineers do not. We are considering removing this capability from the User role in the future.
Finance
- Limited to Billing and Invoices areas ONLY
- View Past Invoices
- View breakdown of agents per organization in an invoice
- View payment receipts
- Update Payment Info
- Update Billing Info
Marketing
Marketing users can only access the Partner Enablement Service (PES).
Read-Only
Read-only users can see everything as a User can, but cannot modify/delete/add anything across the Huntress Dashboard.
Organization-level
NOTE: Organization-level Admins/Users cannot view or access any other organization
skip to Organization-level Admin
User
Organization-level users can see most things throughout their Huntress Organization.
Org-level Users can:
- View/Download Reports
- View investigations (within their Org(s))
- Uninstall individual Agents
- View Binaries/Autoruns/Collected Files/Canaries/External Recon
- Reject Assisted Remediation
Org-level Users cannot:
- View or access any other organization
- Download the Huntress installer (or view account key)
- Modify/add user
- Modify/add integrations
- Bulk remove agents across organizations
- View/change billing information (including invoices)
- Receive alert emails about new Incident Reports
- Change global preferences
- Change Managed AV configuration on either account, org or single machine scope
- Do any bulk Managed AV actions such as quick/full scan, update or change audit/enforce mode
- Add/remove exclusions
- Manually isolate hosts
- Manually deisolate hosts
- Approve Assisted Remediation
Admin
An Organization-level Admin can do what Org-level users can plus:
- Approve Assisted Remediation
- Add other Organization-level users
- Edit Organization name(s)
- Add/remove exclusions
- Change Managed AV configuration
- Perform bulk Managed AV actions
Read-Only
Read-only users can see everything as a User can, but cannot modify/delete/add anything within the Organization.
Comments
0 comments
Please sign in to leave a comment.