What type of actions cannot be included by a Workflow Author without an additional role?

A Workflow Author is primarily responsible for creating and managing workflows within a system. However, certain actions require elevated permissions due to their potential impact on security and operational integrity. RTR (Real Time Response) actions allow for direct interaction with endpoints, enabling actions such as executing commands, collecting files, or terminating processes in real-time.

These actions necessitate a higher level of access because they can affect the endpoints’ functionality and the overall security posture of an organization. Therefore, an additional role with permissions beyond those of a standard Workflow Author is required to perform RTR actions. This ensures that only authorized personnel can execute potentially disruptive commands on managed endpoints, aligning with best practices for security and accountability.

In contrast, view dashboard actions, quarantine management actions, and audit analytics actions generally fall within the scope of a Workflow Author's responsibilities, as they do not directly alter endpoint behavior or configurations in a manner that requires elevated permissions.