Home | Connectors | OpenText Core Case | OpenText Core Case - OpenText Webroot Unity Integration and Automation
Data flow: OpenText Webroot Unity ? OpenText Core Case
When Webroot Unity detects malware, phishing, ransomware, or suspicious endpoint behavior, it can automatically create a case in OpenText Core Case for investigation and resolution. The case can include device details, threat type, detection time, user identity, and remediation status. This gives security teams a structured workflow for triage, assignment, escalation, and closure.
Business value: Faster incident response, better accountability, and a consistent process for handling endpoint security events.
Data flow: OpenText Webroot Unity ? OpenText Core Case
Security events that require audit tracking, such as repeated malware infections, policy violations, or endpoint exceptions, can be routed into Core Case as compliance cases. The case can store evidence, remediation actions, approvals, and audit notes in one place. This is especially useful for regulated industries that need a documented chain of action for security-related incidents.
Business value: Improved audit readiness, stronger evidence management, and reduced manual tracking across security and compliance teams.
Data flow: OpenText Core Case ? OpenText Webroot Unity
When business users request an exception for a blocked application, website, or device action, the request can be managed in Core Case and then approved or denied through a controlled workflow. Once approved, Core Case can send the decision to Webroot Unity so security administrators can apply the appropriate endpoint policy change. This creates a formal review process for security exceptions.
Business value: Better governance over security exceptions, fewer ad hoc approvals, and reduced risk of unauthorized policy changes.
Data flow: Bi-directional
Webroot Unity can flag a device as potentially compromised, while Core Case can manage the broader investigation involving IT support, security operations, and business stakeholders. Core Case can track tasks such as user interviews, device isolation, password resets, and remediation verification. Updates from the case can be sent back to Webroot Unity to reflect containment or recovery status.
Business value: Better cross-team coordination, clearer ownership, and faster containment of endpoint threats.
Data flow: OpenText Webroot Unity ? OpenText Core Case
If the same endpoint repeatedly triggers malware or phishing detections, Webroot Unity can escalate the pattern into a Core Case for deeper analysis. The case can be assigned to the service desk or security operations team to determine whether the issue is caused by user behavior, missing patches, weak controls, or a persistent threat. This helps move beyond one-off alerts to structured problem resolution.
Business value: Reduced repeat incidents, improved root cause analysis, and more effective remediation planning.
Data flow: OpenText Webroot Unity ? OpenText Core Case
When endpoint protection identifies a threat on a user device, Core Case can open a support case for the affected employee or customer-facing agent. The case can guide support teams through required actions such as device cleanup, credential reset, access restoration, and user communication. This is useful when security events directly impact productivity or service delivery.
Business value: Faster restoration of service, better user communication, and reduced downtime for business operations.
Data flow: OpenText Core Case ? OpenText Webroot Unity
When a case requires a security policy update, such as tightening endpoint controls after an incident, Core Case can manage the change request, approvals, and implementation steps. After approval, the required policy update can be pushed to Webroot Unity for enforcement. The case then tracks validation and closure once the change is confirmed.
Business value: Controlled security changes, stronger governance, and better visibility into remediation outcomes.
CyanGate, LLC
+1 (833) DAM-XPRT (326-9778) 
contactus@oneteg.com
