Investigation Admin - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Documentation

Product
Cortex XSIAM
Creation date
2024-03-06
Last date published
2024-12-04
Category
Administrator Guide
Abstract

Learn more about the Cortex XSIAM predefined user role called Investigation Admin.

The Investigation Admin role is used to view and triage alerts and incidents, configure rules, view endpoint profiles and policies, and Analytics management screens.