Skip to content

[Security] [Serverless: Sep 23] Endpoint Exceptions feature privilege in Stack #2983

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Sep 24, 2025
Merged

[Security] [Serverless: Sep 23] Endpoint Exceptions feature privilege in Stack #2983

Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
4fa71cd
[Security] Endpoint Exceptions feature privilege in Stack
natasha-moore-elastic Sep 17, 2025
f0beef5
address suggestion
natasha-moore-elastic Sep 17, 2025
15025de
update order
natasha-moore-elastic Sep 17, 2025
7e4ddb7
Merge branch 'main' into issue-2974-e-exc
vishaangelova Sep 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions solutions/security/configure-elastic-defend/elastic-defend-feature-privileges.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,8 @@ For each of the following sub-feature privileges, select the type of access you
| --- | --- |
| **Endpoint List** | Access the [Endpoints](/solutions/security/manage-elastic-defend/endpoints.md) page, which lists all hosts running {{elastic-defend}}, and associated integration details. |
| **Automatic Troubleshooting** |Access [Automatic Troubleshooting](/solutions/security/manage-elastic-defend/identify-antivirus-software-on-hosts.md) to check if your hosts have third-party AV software installed.<br><br>**Note:** In {{stack}} 9.0.0, this privilege is called **Endpoint Insights**. |
| **Endpoint Exceptions** | Add and use [endpoint exceptions](/solutions/security/detect-and-alert/add-manage-exceptions.md#endpoint-rule-exceptions).<br><br>**Note:** This privilege is only available in {{serverless-short}}. In {{stack}}, it's included within the **Security** privilege. |
| **Global Artifact Management** | {applies_to}`stack: ga 9.1` Manage global assignment of endpoint artifacts (e.g., trusted applications, event filters) across all spaces and policies. This privilege controls global assignment rights only; privileges for each artifact type are required for full artifact management. |
| **Endpoint Exceptions** {applies_to}`stack: ga 9.2` {applies_to}`serverless: ga`| Add and use [endpoint exceptions](/solutions/security/detect-and-alert/add-manage-exceptions.md#endpoint-rule-exceptions).<br><br>**Note:** In {{stack}} 9.0.0 and 9.1.0, this privilege is included within the **Security** privilege. |
| **Global Artifact Management** {applies_to}`stack: ga 9.1` | Manage global assignment of endpoint artifacts (e.g., trusted applications, event filters) across all spaces and policies. This privilege controls global assignment rights only; privileges for each artifact type are required for full artifact management. |
| **Trusted Applications** | Access the [Trusted applications](/solutions/security/manage-elastic-defend/trusted-applications.md) page to remediate conflicts with other software, such as antivirus or endpoint security applications. |
| **Host Isolation Exceptions** | Access the [Host isolation exceptions](/solutions/security/manage-elastic-defend/host-isolation-exceptions.md) page to add specific IP addresses that isolated hosts can still communicate with. |
| **Blocklist** | Access the [Blocklist](/solutions/security/manage-elastic-defend/blocklist.md) page to prevent specified applications from running on hosts, extending the list of processes that {{elastic-defend}} considers malicious. |
Expand Down