Microsoft 365 - OpenText Webroot Unity Integration and Automation

Common Integration Use Cases Between Microsoft 365 and OpenText Webroot Unity

1. Security Incident Notifications in Microsoft Teams and Outlook

Data flow: OpenText Webroot Unity ? Microsoft 365

When Webroot Unity detects malware, phishing, or ransomware activity on an endpoint, it can send alerts into Microsoft Teams channels and Outlook mailboxes used by IT operations and security teams. This gives responders immediate visibility into affected users, devices, and threat severity without logging into multiple consoles.

• Security teams receive real-time alerts in Teams for faster triage
• IT service desks can open tickets and notify impacted users through Outlook
• Escalation workflows can be aligned to severity levels and business hours

2. Automated User Communication During Endpoint Containment

Data flow: OpenText Webroot Unity ? Microsoft 365

When a device is quarantined or flagged for remediation, Microsoft 365 can be used to automatically notify the user with next steps, expected downtime, and support contacts. This reduces confusion and helps employees continue working with minimal disruption.

• Outlook sends standardized remediation instructions
• Teams messages can direct users to the service desk or self-service guidance
• SharePoint can host approved recovery instructions and policy documents

3. Security Dashboarding for Leadership and Operations

Data flow: OpenText Webroot Unity ? Microsoft 365

Threat and endpoint protection data from Webroot Unity can be surfaced in Power BI dashboards for IT leadership, compliance teams, and operations managers. This supports reporting on infection trends, response times, device risk levels, and recurring attack patterns across the organization.

• Power BI visualizes endpoint risk by department, region, or device group
• Leadership gets monthly security posture reporting in a familiar Microsoft environment
• Security teams can track remediation performance and policy effectiveness

4. Secure Collaboration for Incident Response Teams

Data flow: Bi-directional

Microsoft Teams and SharePoint can serve as the collaboration layer for incident response, while Webroot Unity provides the endpoint security context. Security analysts, help desk staff, and managers can coordinate containment, investigation, and recovery using shared channels, files, and task updates.

• Teams channels centralize incident communication
• SharePoint stores evidence, response playbooks, and post-incident reports
• Webroot Unity findings can be referenced during response meetings and case reviews

5. Policy and Exception Management for Protected Devices

Data flow: Microsoft 365 ? OpenText Webroot Unity

Organizations can use Microsoft 365 to manage approval workflows for security exceptions, such as allowing a business-critical application or device to bypass a specific control. Requests can be submitted through Microsoft Forms or Power Automate, reviewed in Teams, and documented in SharePoint before being applied in Webroot Unity.

• Standardized approval process for endpoint security exceptions
• Audit trail stored in SharePoint for compliance and governance
• Reduces ad hoc email-based approvals and policy drift

6. Phishing Response and User Awareness Workflow

Data flow: OpenText Webroot Unity ? Microsoft 365

When Webroot Unity identifies a phishing-related threat on a device, Microsoft 365 can be used to trigger awareness actions such as notifying the user, assigning follow-up training, or alerting the security awareness team. This helps convert incidents into targeted education and reduces repeat exposure.

• Outlook messages inform users of suspicious activity and safe handling steps
• Teams alerts security awareness coordinators for follow-up
• SharePoint can track repeat offenders and training completion status

7. Compliance Evidence Collection for Security Operations

Data flow: Bi-directional

Microsoft 365 can store and organize evidence such as incident reports, remediation approvals, and policy acknowledgments, while Webroot Unity provides endpoint protection logs and threat detection records. Together, they support audits, internal controls, and regulatory reporting.

• SharePoint acts as a controlled repository for audit evidence
• Power BI can summarize security control performance for compliance reviews
• Webroot Unity logs support proof of endpoint monitoring and response activity

8. Service Desk Case Creation from Endpoint Threat Events

Data flow: OpenText Webroot Unity ? Microsoft 365

Threat detections in Webroot Unity can automatically create or update service desk cases that are coordinated through Microsoft 365 collaboration tools. This ensures that endpoint incidents are tracked, assigned, and resolved through a structured workflow rather than handled informally.

• Security events generate actionable work items for IT support
• Teams can be used for assignment, status updates, and escalation
• Outlook notifications keep users and managers informed of progress