Skip to content

Commit 97dfd5f

Browse files
poliveriapoliveria
committed
Update required permissions for Threat Intel Briefing Agent
Replaced 'Vulnerability Management (read)' with 'Microsoft Defender for Endpoint' in the required permissions list for the Threat Intelligence Briefing Agent in both documentation files to reflect updated access requirements.
1 parent 238e5d0 commit 97dfd5f

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

defender-xdr/security-copilot-agents-defender.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -96,7 +96,7 @@ The [Threat Intelligence Briefing Agent](threat-intel-briefing-agent-defender.md
9696
|---|---|
9797
| Identity | Requires connection to an existing user account or creation of a new agent identity |
9898
| License | [Defender EASM Standard](https://www.microsoft.com/security/pricing/microsoft-defender-external-attack-surface-management?msockid=2f55df1fd6fd61f12ba8ca23d7976094) |
99-
| Permissions | **Required permissions:**<ul><li>Vulnerability Management (read)<li>Security Reader</ul>**Optional permissions:**<ul><li>Exposure Management (read)</ul> |
99+
| Permissions | **Required permissions:**<ul><li>Microsoft Defender for Endpoint<li>Security Reader</ul>**Optional permissions:**<ul><li>Exposure Management (read)</ul> |
100100
| Products | [Security Copilot](/copilot/security/get-started-security-copilot) |
101101
| Plugins | The following plugins are required to run this agent:<ul><li>Microsoft Threat Intelligence<li>Microsoft Threat Intelligence agents</ul>The following plugin is optional but can add more context to the output:<ul><li>Microsoft Defender External Attack Surface Management</ul> |
102102
| Role-based access | The **Security Administrator** role is required to set up and manage the agent.<br><br>Users with the same permissions as the Threat Intelligence Briefing Agent can view the agent's activity and results. |

defender-xdr/threat-intel-briefing-agent-defender.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,7 @@ The following plugin is optional but can add more context to the output:
7070
The user account connected to the agent or the created agent identity must have these permissions:
7171

7272
**Required permissions:**
73-
- **Vulnerability Management (read):** Access to Defender Vulnerability Management data
73+
- **Microsoft Defender for Endpoint:** Access to Defender Vulnerability Management data
7474
- **Security Reader:** Access to Threat Analytics and agent results
7575
- **Security Admin:** Access to agent onboarding and configuration
7676

0 commit comments

Comments
 (0)