What functionality is restricted for a Workflow Author role?

The Workflow Author role has specific permissions and limitations designed to streamline certain aspects of the platform while maintaining a level of control over workflows. One of the primary restrictions for a Workflow Author is the inability to include Remote Task Response (RTR) actions without having additional roles. This limitation is in place to ensure that users who are allowed to perform sensitive actions, such as executing commands on endpoints or managing incidents, have the appropriate clearance and expertise.

Including RTR actions is a critical functionality that carries significant implications for security and incident response. This ensures that only those with the necessary authorization and training can perform tasks that could affect endpoint health or security postures, helping to minimize risks.

In contrast, other functionalities like editing dashboards, creating workflows, and accessing help desk analytics are generally within the purview of a Workflow Author, allowing them to build and manage workflows while still adhering to important security protocols. This balance of power and responsibility is crucial in maintaining a secure and efficient environment in the CrowdStrike platform.