You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-office-365/attack-simulation-training-get-started.md
+11-11Lines changed: 11 additions & 11 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -53,28 +53,28 @@ Watch this short video to learn more about Attack simulation training.
53
53
-[Microsoft Entra permissions](/entra/identity/role-based-access-control/manage-roles-portal): You need membership in one of the following roles:
54
54
-**Global Administrator**¹
55
55
-**Security Administrator**
56
-
-**Attack Simulation Administrators**²: Create and manage all aspects of attack simulation campaigns.
57
-
-**Attack Payload Author**²: Create attack payloads that an admin can initiate later.
56
+
-**Attack Simulation Administrator**²: Create and manage all aspects of attack simulation campaigns.
57
+
-**Attack Payload Author**²: Create attack payloads that an admin can initiate later.
58
58
-**Security Operator and Security Reader**³: View all aspects of attack simulation campaigns.
59
59
60
60
> [!IMPORTANT]
61
61
> ¹ Microsoft recommends that you use roles with the fewest permissions. Using lower permissioned accounts helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
62
62
>
63
63
> ² Adding users to this role group in [Email & collaboration permissions in the Microsoft Defender portal](mdo-portal-permissions.md) is currently unsupported.
64
64
>
65
-
> Members of Attack Payload Author have the following limitations in attack simulation training:
65
+
> Members of Attack Payload Author have the following limitations in attack simulation training:
66
66
>
67
-
> - They can't create or edit simulations, training campaigns, simulation automations, or payload automations.
68
-
> - They can't change global settings.
69
-
> - They can't change content (for example, notifications), but they can change payloads.
70
-
> - They can't view tenant simulation reports, aggregate reports, simulation automation records, or payload automation records.
67
+
> - They can't create or edit simulations, training campaigns, simulation automations, or payload automations.
68
+
> - They can't change global settings.
69
+
> - They can't change content (for example, notifications), but they can change payloads.
70
+
> - They can't view tenant simulation reports, aggregate reports, simulation automation records, or payload automation records.
71
71
>
72
72
> ³ Members of Security Operator and Security Reader have the following limitations in attack simulation training:
73
73
>
74
-
> - They can't create or edit simulations, training campaigns, simulation automations, or payload automations.
75
-
> - They can't change global settings.
76
-
> - They can't change content (for example, tenant payloads or notifications).
77
-
> - They can access data through read APIs with user scope, but they can't use write APIs.
74
+
> - They can't create or edit simulations, training campaigns, simulation automations, or payload automations.
75
+
> - They can't change global settings.
76
+
> - They can't change content (for example, tenant payloads or notifications).
77
+
> - They can access data through read APIs with user scope, but they can't use write APIs.
78
78
79
79
Currently, [Microsoft Defender XDR Unified role based access control (RBAC)](/defender-xdr/manage-rbac) isn't supported.
0 commit comments