MC1311977 – (Updated) Security Detection Report in Teams Admin Center

Product:

Microsoft 365 admin center, Teams

Platform:

Online, Web, World tenant

Status:

Feature Rollout Status Not Supported

Change type:

Admin impact, New feature, Updated message, User impact

Links:

560702

Details:

Summary:
A new Security Detection Report in the Teams admin center, launching mid-July 2026, offers centralized visibility into messaging threats like impersonation, malicious links, and unsafe files. Admins can review, export, and act on detections to improve security investigations and responses.

Details:
Updated May 28, 2026: We have updated the timeline. Thank you for your patience.
[Introduction]
A new Security Detection Report in the Teams admin center provides a unified view of messaging security detections across signals such as impersonation, malicious URLs, and weaponizable file types. This centralized reporting experience improves visibility into threats in Teams and helps admins investigate and respond to suspicious activity more efficiently.
This message is associated with Microsoft 365 Roadmap ID 560702.
[When this will happen:]
General Availability (Worldwide): Rollout will begin in mid-July 2026 (previously late June) and is expected to complete by late July 2026 (previously late June).

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2026-05-16

updated:
2026-05-29

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

linked item details

XXXXXXX ... free basic plan only

Pictures

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

Increased Security Threats
Without preparation, the rollout may lead to increased security threats as users may not be aware of new detection capabilities, potentially leading to more successful impersonation or phishing attempts.
   - roles: Admins, Security Teams
   - references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=560702

User Confusion
Users may experience confusion regarding new security protocols and reporting features, leading to potential misuse or disregard of security measures.
   - roles: End Users, Helpdesk Teams
   - references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=560702

Inefficient Incident Response
If security and helpdesk teams are not familiarized with the new report, incident response times may increase, leading to prolonged exposure to threats.
   - roles: Security Teams, Helpdesk Teams
   - references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=560702

Documentation Gaps
Existing documentation may not reflect the new features, leading to inconsistencies in security investigation processes and potential oversight of critical updates.
   - roles: Admins, Security Teams
   - references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=560702

Increased Workload
Admins may face an increased workload due to the need to manage and respond to new security detections without adequate preparation or training.
   - roles: Admins, Security Teams
   - references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=560702

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

XXXXXXX ... free basic plan only

Potentional Risks**

XXXXXXX ... paid membership only

Data Protection**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

Hypothetical Work Council Statement**

XXXXXXX ... paid membership only

DPIA Draft**

XXXXXXX ... paid membership only

explanation for non-techies**

XXXXXXX ... free basic plan only