Symantec Advanced Threat Protection (ATP) provides the following user roles for ATP Manager:
An administrator has the highest access level, with full read/write access to all ATP Manager functions.
A controller has full read/write access to all ATP Manager functions except to the Settings options.
A user has limited access throughout ATP Manager, with no access to the Settings options. A user can view events and incidents, but cannot perform actions against them.
Table: ATP Manager user role access rights
Perform IoC (Indicators of Compromise) searches
Perform endpoint searches
View network, endpoint, and email traffic from dashboard widgets
View incidents and related details pages
Add a file to Whitelist or Blacklist policies
Quarantine and un-quarantine an endpoint
Clean a file from an endpoint
Download a file from an endpoint
Submit a file for cloud-based sandboxing or to VirusTotal
Add comments to an incident
View existing reports
Schedule and run reports
All users have the rights to reset their passwords from the ATP Manager logon page.
See Requesting a new logon password.
Data Sharing settings
See Managing users
See Adding local user accounts
See Editing a local user account
See Disabling and enabling a local user account
Subscribing will provide email updates when this Article is updated. Login is required.
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
This will clear the history and restart the chat.