check before: 2026-02-28
Product:
Defender, Defender for Office 365, Defender XDR, Teams
Platform:
Android, iOS, Mac, Online, US Instances, Web, Windows Desktop, World tenant
Status:
Rolling out
Change type:
New feature, User impact, Admin impact
Links:
Details:
Summary:
Microsoft Defender for Office 365 URL click alerts will now include Microsoft Teams, enabling detection of malicious link clicks in Teams messages. This feature, rolling out from February to May 2026, enhances alert visibility and investigation in the Defender portal for licensed organizations, with no user workflow changes.
Details:
[Introduction]
We're extending Microsoft Defender for Office 365 (MDO) URL click alerting to Microsoft Teams, giving security teams greater visibility into potentially malicious activity beyond email. By surfacing alerts when users click malicious or suspicious links in Teams messages, organizations can detect threats earlier, investigate faster, and respond more effectively-all from the Microsoft Defender portal.
This message is associated with Microsoft Roadmap ID 557549.
[When this will happen:]
Public Preview (Worldwide): We will begin rolling out late February 2026 and expect to complete by early March 2026.
General Availability (Worldwide): We will begin rolling out early March 2026 and expect to complete by mid-March 2026.
General Availability (GCC, GCCH, DoD): We will begin rolling out early May 2026 and expect to complete by late May 2026.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview
Created:
2026-02-26
updated:
2026-02-26
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft is enhancing its security by integrating Microsoft Defender for Office 365 URL click alerts with Microsoft Teams, automatically enabling alerts for suspicious links in Teams messages without requiring additional setup.
Direct effects for Operations**
Increased Alert Volume
The introduction of Teams URL click alerts may lead to a higher volume of alerts, potentially overwhelming security teams and leading to alert fatigue.
- roles: Security Admins, SOC Teams
- references: https://learn.microsoft.com/defender-xdr/alert-policies, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=557549
Investigation Complexity
With the addition of Teams data in alerts, security teams may face increased complexity in investigations, requiring more time to correlate incidents across platforms.
- roles: Security Admins, SOC Teams
- references: https://learn.microsoft.com/defender-xdr/alert-policies, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=557549
User Experience Impact
Users may experience delays in response to incidents as security teams adjust to the new alerting system, potentially affecting their productivity.
- roles: End Users, Helpdesk Teams
- references: https://learn.microsoft.com/defender-xdr/alert-policies, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=557549
Training and Awareness Needs
Security and helpdesk teams will require additional training to effectively manage and respond to the new Teams URL click alerts, which may not be immediately available.
- roles: Security Admins, Helpdesk Teams
- references: https://learn.microsoft.com/defender-xdr/alert-policies, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=557549
Potential for Missed Alerts
If not properly communicated, the new alerts may lead to missed incidents as teams may not be fully aware of the changes and new alert types.
- roles: Security Admins, SOC Teams
- references: https://learn.microsoft.com/defender-xdr/alert-policies, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=557549
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
XXXXXXX ... free basic plan only
Potentional Risks**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
Hypothetical Work Council Statement**
XXXXXXX ... paid membership only
DPIA Draft**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 2 days ago ago
