It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Barracuda XDR

Overview Documentation Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

Setting up SOAR for Microsoft 365 Cloud

Last updated on 2024-11-13 14:47:38

The documentation below outlines the requirements for Barracuda XDR Cloud Automated Threat Response.

For additional background, see Cloud Automated Threat Response Microsoft 365.

These instructions are for customers using the Microsoft 365 Integration.

To configure the Microsoft 365 Integration to support remediation actions for Automated Threat Response, you must add additional API permissions to the registered application, by following the instructions below.

Add the new permissions in the Microsoft portal

Log in to the Microsoft portal.
Click Add a permission.
Click Microsoft Graph.
Select Application permissions (not delegated).
Select the following:
- User.ReadWrite.All
- User.EnableDisableAccount.All
Click Add permissions to save the changes.
After adding the new permissions, click Grant admin consent.
This also applies to updates made to previously configured applications.
Ensure that the Graph API roles show the following new permissions:
- Graph API Roles: User.ReadWrite.All, User.EnableDisableAccount.All
Click Save.

To enable SOAR in XDR Dashboard

Log in to XDR Dashboard.
Navigate to Integrations > Microsoft 365.
Ensure that the Graph API roles show the following new permissions:
- Graph API Roles: User.ReadWrite.All, User.EnableDisableAccount.All
If the Graph API roles are correct, select the Auto Remediation Enabled checkbox.
Click Save.