Microsoft is set to enhance the security integration between Microsoft Teams and Microsoft Defender for Office 365 with a new feature rolling out next month.
According to a new notification in the Microsoft 365 Message Center (MC1200058), security administrators will soon be able to manage blocked external users in Teams directly through the Tenant Allow/Block List (TABL) in the Microsoft Defender portal.
This update, associated with Microsoft 365 Roadmap ID 542189, represents a significant shift toward centralized security management, allowing organizations to control external user access across services from a single interface.
Historically, managing external access and blocked users often required navigating separate admin centers. With this integration, Microsoft is streamlining the process by bringing Teams blocking capabilities into the Defender portal.
This change is designed to improve compliance and security posture by giving admins a unified view of threat vectors and blocked entities.
The integration empowers security teams to add specific external users or domains to the block list. Once added to the Tenant Allow/Block List, these entries are enforced in Microsoft Teams, effectively preventing the blocked external parties from initiating or continuing communications. This includes blocking chats, channel messages, meetings, and calls.
Key Capabilities and Limits
The update comes with specific operational limits and capabilities that administrators should note. The feature supports blocking up to 4,000 domains and 200 individual email addresses.
This granularity allows security teams to take surgical action against specific malicious actors without necessarily blocking entire domains, or to block broad domains that pose a risk.
Furthermore, the system includes robust audit logging. Any action taken to block or unblock a user via the Defender portal is recorded, ensuring that organizations can maintain a clear compliance trail and monitor changes to their external access policies.
Importantly, Microsoft has stated that this rollout will on affect existing Teams settings, ensuring continuity for current configurations.
The rollout for this feature is scheduled to begin in early January 2026 and is expected to be fully available worldwide by mid-January 2026.
This feature is available to organizations with Microsoft Defender for Office 365 Plan 1 or Plan 2. Administrators looking to leverage this capability should ensure their Teams settings are configured to allow security teams to manage blocked domains, a prerequisite for the TABL integration to function correctly.
By bridging communication tools and threat defense platforms, Microsoft continues to harden the Microsoft 365 ecosystem against external threats while reducing the administrative burden on security operations teams.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
