What can Falcon Security Leads manage?

Falcon Security Leads have specific responsibilities that focus on incident response and threat management within the CrowdStrike platform. By selecting the option that states they can manage detections, quarantined files, and contain hosts, it highlights their role in actively responding to security threats and managing the security posture of their organization.

Managing detections involves assessing alerts generated by the Falcon platform for potential threats. Quarantining files allows the Security Leads to isolate potentially malicious files to prevent further spread or impact. Additionally, containing hosts enables them to take immediate action on endpoints that may be compromised, ensuring that the threat is effectively mitigated.

In contrast, the other options describe roles or capabilities that do not align with the core functions of Falcon Security Leads. Viewing dashboards and documents is more passive and does not involve active management. Creating and editing workflows pertain to process management but do not encapsulate the operational security responsibilities. Controlling user profiles and support tickets is more aligned with user administration rather than threat management. Thus, the capability to manage detections, quarantined files, and contain hosts accurately represents the core responsibilities of Falcon Security Leads.