Learn more about the Cortex XDR predefined user role called Privileged IT Admin.
Manage and control endpoints and installations, configure Broker VMs, create profiles and policies, view issues, and initiate Live Terminal.
This permission is significantly more extensive than the standard IT Admin. It includes response actions, script execution, detection rule editing, cloud security policies, compliance management, and Live Terminal access. This role is closer to a Security Admin than a typical IT Admin.
Tip
Assign to senior IT administrators or IT security leads who need full endpoint management capabilities plus the ability to respond to cases, edit detection rules, manage policies/profiles, and access cloud security features.
To quickly see exactly which pages and actions a role allows, click on the role name, which opens a read-only view of all checked permissions. For more information about the permissions, see Role permissions by components.