The Playbook creator can define view/edit permissions for users per playbook. This means you can restrict access for specific users or SOC roles to edit certain playbooks. 

Here are some examples of MSSP use cases for Playbook permissions:

  • Allow end customers (managed-plus users) to build playbooks in their own environment while collaborating with MSSP engineers.
  • Allow MSSPs to create playbooks without giving edit permissions to their end customers (managed-plus users)

Here are some examples of Enterprise use cases for Playbook permissions:

  • Restrict edit access of certain engineers to sensitive playbooks
  • Prevent engineers from overriding your work while building a playbook

The Permissions icon is located on the top right of the Playbook screen.

The following Permissions screen opens:

Let's take a look at the Playbook permissions screen and explain.

At the very top is the Default Permissions section. This focuses on all the users who have access to all the environments that the Playbook can run on. You can choose here to let all the users view this Playbook or allow them to make changes. Note that you have to have access to all the environments the Playbook runs on in order to have editing rights. However, you only need access to one environment in order to have viewing rights.

The second section allows for more granular flexibility in drilling down to specific users or SOC roles within specific groups to grant them either edit/view access. Permissions selected here override the default permissions set above.

So for example, you could tag Tier 3 as view only and select Alex Smith (who is in Tier 3) as having edit permissions.