Introducing a refreshed design, task chat, and more in Microsoft Planner
We’re excited to announce that a modernized user interface and new features are now rolling out to basic plans in both Planner in Teams and Planner for the web. The updated design offers enhanced navigation, responsive layouts, a new goals view for setting objectives and priorities, and task chat—one of your most requested features—to enable real-time collaboration and @ mentioning team members. This release aims to make planning easier for everyday users while preparing for future AI-powered capabilities. Our goal is to streamline planning by making it more intelligent and connected, so teams can concentrate on achieving results rather than managing tasks. What's new in Planner A refreshed design: With this rollout, users will be able to manage their plans in a cleaner, more modern interface that brings a more consistent planning experience across work. Planner’s new look was designed to feel simpler, allowing users to find what they need. It reduces visual clutter, improves layout and spacing, and creates a more focused workspace. Task chat with @ mentions: A new task chat is coming to basic plans, bringing real-time, threaded conversations directly into tasks, including @ mentions, rich formatting, emojis, and notifications to help keep decisions tied to the specific task at hand. Plan members who are @ mentioned in a task will receive a notification in their Teams Activity feed and via email and can select the notification which takes them directly to the task card for additional context. Note that previously, users received notifications for every task comment, but as a result of customer feedback, we now only send notifications to mentioned users. The ability to @ mention team members directly in a task has been a top request, and we’re excited to roll this out in a familiar, chat-based experience. Please note, premium plans will continue to utilize the existing task conversation experience. This will converge into the new experience at a later point in time. Goals view: Basic plans will now include a dedicated Goals view, allowing teams to set clear, well-defined objectives to help prioritize work. By connecting tasks to shared goals, teams achieve greater alignment, gain clarity on priorities, and track progress and outcomes—driving the plan forward together. Access to Goals view in basic plans requires either a Planner premium license or a Microsoft 365 Copilot license. Notes on availability Please note that not all users will see the new Planner interface at the same time. This refreshed interface, along with Task chat and Goals view, begins rolling out to basic plans today and will continue to roll out over the coming weeks. This is only the beginning This redesign lays the groundwork for many more improvements coming to Planner in the next few weeks and months, including: Project Manager agent in basic plans – to help with task execution and the creation of status reports. Custom templates. Planner in Outlook. Stay tuned for announcements regarding these updates and more aligned to our long-term vision for integrated work management. Feature availability, naming, and timelines are subject to change. Please refer to the Microsoft 365 Roadmap for the latest status. Addressing your feedback We heard your feedback about inconsistencies between basic and premium plans. This refresh starts closing those gaps, so features appear consistently across plans based on your license. For example, users with a Planner premium license will now see Goals in basic plans, and users with a Microsoft 365 Copilot license will soon have access to Project Manager Agent in basic plans as well. Tell us what you think about the new Planner interface, Task chat, and Goals view by selecting More (circled question mark icon) in the top right corner of the app, then selecting Feedback from the dropdown menu. We also encourage you to share any feature requests by adding your ideas to the Planner Feedback Portal. Your feedback helps inform our feature updates, and we look forward to hearing from you. Learn more Visit planner.cloud.microsoft to access Planner directly from your browser. Sign up to receive future communication about Planner. Learn more about Planner in our Frequently asked questions. Check out the Planner adoption page and Planner help & learning page to learn more about Planner. Visit the Microsoft 365 roadmap for feature descriptions and estimated release dates for Planner. Walk through the interactive demos for Project Manager Agent in Planner and Project Manager Agent skills in Teams meetings.Sentinel Foundry - MCP Server (Preview) (Github Community Release)
I’ve been cooking something that a lot of people in SOC have been struggling with — especially on the engineering side of Microsoft Sentinel. Thanks to the Microsoft Security team for shaping the capabilities of Sentinel even better with Sentinel Data Lake & Modern SecOps. Today’s the day I can finally share it. Note: This is not an official Microsoft product, but it is designed to make the Sentinel Build even better (complement) with much more intelligence. 🚀 Sentinel Foundry is now in public preview with 43 tools. (Sentinel Foundry - MCP Server) It’s an MCP server built to act like the brain of a strong Sentinel engineer — helping make building, improving, and operating Sentinel far more practical, faster, and honestly more enjoyable. For a lot of teams, the challenge is not understanding what Sentinel can do. The hard part is the engineering work around it: -> Deciding what data should actually be ingested -> Building a clean, scalable Sentinel foundation -> Writing useful detections instead of noisy ones -> Balancing security value with cost -> Turning ideas into deployable engineering outputs That is exactly why I built Sentinel Foundry to help communities grow stronger. It helps with the real engineering tasks behind Sentinel — from architecture thinking to detection design, deployment planning, ingestion strategy, automation ideas, and many of the workflows outlined in the GitHub project. How does it work? Here’s one of the flagship prompts I ran with it: “Give me a complete security posture report for our workspace. Score each pillar and tell me what to prioritise.” And within seconds, it produced a structured engineering blueprint that would normally take a lot longer to pull together manually. You can see the example prompts here in what it can do: https://github.com/prabhukiranveesam/Sentinel-Foundry#what-can-it-do I want building Sentinel to feel less like repetitive engineering overhead — and more like real security engineering that is fast, creative, and enjoyable. If you work with Sentinel as a SOC L2 analyst, engineer, detection engineer, consultant, or architect, I’d genuinely love for you to try it and tell me what you think. 🔗 Public Preview: https://github.com/prabhukiranveesam/Sentinel-Foundry This is just the start of an AI era — and I’m excited to keep shaping it with more powerful features over the coming days. This is very easy to set up and will be available to all of you at no cost during this month as part of the public preview, and your feedback is extremely valuable to shape this as a powerful solution.What’s new in Microsoft Sentinel: RSAC 2026
Security is entering a new era, one defined by explosive data growth, increasingly sophisticated threats, and the rise of AI-enabled operations. To keep pace, security teams need an AI-powered approach to collect, reason over, and act on security data at scale. At RSA Conference 2026 (RSAC), we’re unveiling the next wave of Sentinel innovations designed to help organizations move faster, see deeper, and defend smarter with AI-ready tools. These updates include AI-driven playbooks that accelerate SOC automation, Granular Delegated Admin Privileges (GDAP) and granular role-based access controls (RBAC) that let you scale your SOC, accelerated data onboarding through new connectors, and data federation that enables analysis in place without duplication. Together, they give teams greater clarity, control, and speed. Come see us at RSAC to view these innovations in action. Hear from Sentinel leaders during our exclusive Microsoft Pre-Day, then visit Microsoft booth #5744 for demos, theater sessions, and conversations with Sentinel experts. Read on to explore what’s new. See you at RSAC! Sentinel feature innovations: Sentinel SIEM Sentinel data lake Sentinel graph Sentinel MCP Threat Intelligence Microsoft Security Store Sentinel promotions Sentinel SIEM Playbook generator [Now in public preview] The Sentinel playbook generator delivers a new era of automation capabilities. You can vibe code complex automations, integrate with different tools to ensure timely and compliant workflows throughout your SOC and feel confident in the results with built in testing and documentation. Customers and partners are already seeing benefit from this innovation. “The playbook generator gives security engineers the flexibility and speed of AI-assisted coding while delivering the deterministic outcomes that enterprise security operations require. It's the best of both worlds, and it lives natively in Defender where the engineers already work.” – Jaime Guimera Coll | Security and AI Architect | BlueVoyant Learn more about playbook generator. SIEM migration experience [General availability now] The Sentinel SIEM migration experience helps you plan and execute SIEM migrations through a guided, in-product workflow. You can upload Splunk or QRadar exports to generate recommendations for best‑fit Sentinel analytics rules and required data connectors, then assess migration scope, validate detection coverage, and migrate from Splunk or QRadar to Sentinel in phases while tracking progress. “The tool helps turn a Splunk to Sentinel migration into a practical decision process. It gives clear visibility into which detections are relevant, how they align to real security use cases, and where it makes sense to enable or prioritize coverage—especially with cost and data sources in mind.” – Deniz Mutlu | Director | Swiss Post Cybersecurity Ltd Learn more about SIEM migration experience. GDAP, unified RBAC, and row-level RBAC for Sentinel [Public preview, April 1] As Sentinel environments grow for enterprises, MSSPs, hyperscalers, and partners operating across shared or multiple environments, the challenge becomes managing access control efficiently and consistently at scale. Sentinel’s expanded permissions and access capabilities are designed to meet these needs. Granular Delegated Admin Privileges (GDAP) lets you streamline management across multiple governed tenants using your primary account, based on existing GDAP relationships. Unified RBAC allows you to opt in to managing permissions for Sentinel workspaces through a single pane of glass, configuring and enforcing access across Sentinel experiences in the analytics tier and data lake in the Defender portal. This simplifies administration and improves operational efficiency by reducing the number of permission models you need to manage. Row-level RBAC scoping within tables enables precise, scoped access to data in the Sentinel data lake. Multiple SOC teams can operate independently within a shared Sentinel environment, querying only the data they are authorized to see, without separating workspaces or introducing complex data flow changes. Consistent, reusable scope definitions ensure permissions are applied uniformly across tables and experiences, while maintaining strong security boundaries. To learn more, read our technical deep dives on RBAC and GDAP. Sentinel data lake Sentinel data federation [Public preview, April 1] Sentinel data federation lets you analyze security data in place without copying or duplicating your data. Powered by Microsoft Fabric, you can now federate data from Fabric, Azure Data Lake Storage (ADLS), and Azure Databricks into Sentinel data lake. Federated data appears alongside native Sentinel data, so you can use familiar tools like KQL hunting, notebooks, and custom graphs to correlate signals and investigate across your entire digital estate, all while preserving governance and compliance. You can start analyzing data in place and progressively ingest data into Sentinel for deeper security insights, advanced automation, and AI-powered defense at scale. You are billed only when you run analytics on federated data using existing Sentinel data lake query and advanced insights meters. les for unified investigation and hunting Sentinel cost estimation tool [Public Preview, April 9] The new Sentinel cost estimation tool offers all Microsoft customers and partners a guided, meter-level cost estimation experience that makes pricing transparent and predictable. A built-in three-year cost projection lets you model data growth and ramp-up over time, anticipate spend, and avoid surprises. Get transparent estimates into spend as you scale your security operations. All other customers can continue to use the Azure calculator for Sentinel pricing estimates. See the Sentinel pricing page for more information. Sentinel data connectors A365 Observability connector [Public preview, April 15] Bring AI agent telemetry into the Sentinel data lake to investigate agent behavior, tool usage, prompts, reasoning and execution using hunting, graph, and MCP workflows. GitHub audit log connector using API polling [General availability, March 6] Ingest GitHub enterprise audit logs into Sentinel to monitor user and administrator activity, detect risky changes, and investigate security events across your development environment. Google Kubernetes Engine (GKE) connector [General availability, March 6] Collect Google Kubernetes Engine (GKE) audit and workload logs in Sentinel to monitor cluster activity, analyze workload behavior, and detect security threats across Kubernetes environments. Microsoft Entra and Azure Resource Graph (ARG) connector enhancements [Public preview, April 15] Enable new Entra assets (EntraDevices, EntraOrgContacts) and ARG assets (ARGRoleDefinitions) in existing asset connectors, expanding inventory coverage and powering richer, built‑in graph experiences for greater visibility. With over 350 Sentinel data connectors, customers achieve broad visibility into complex digital environments and can expand their security operations effectively. “Microsoft Sentinel data lake forms the core of our agentic SOC. By unifying large volumes of Microsoft and third-party data, enabling graph-based analysis, and supporting MCP-driven workflows, it allows us to investigate faster, at lower cost, and with greater confidence.” – Øyvind Bergerud | Head of Security Operations | Storebrand Learn more about Sentinel data connectors. Sentinel connector builder agent using Sentinel Visual Studio Code extension [Public preview, March 31] Build Sentinel data connectors in minutes instead of weeks using the AI‑assisted Connector Builder agent in Visual Studio Code. This low‑code experience guides developers and ISVs end-to-end, automatically generating schemas, deployment assets, connector UI, secure secret handling, and polling logic. Built‑in validation surfaces issues early, so you can validate event logs before deployment and ingestion. Example prompt in GitHub Copilot Chat: @sentinel-connector-builder Create a new connector for OpenAI audit logs using https://api.openai.com/v1/organization/audit_logs Get started with custom connectors and learn more in our blog. Data filtering and splitting [Public preview, March 30] As security teams ingest more data, the challenge shifts from scale to relevance. With filtering and splitting now built into the Defender portal, teams can shape data before it lands in Sentinel, without switching tools or managing custom JSON files. Define simple KQL‑based transformations directly in the UI to filter low‑value events and intelligently route data, making ingestion optimization faster, more intuitive, and easier to manage at scale. Filtering at ingest time allows you to remove low-value or benign events to reduce noise, cut unnecessary processing, and ensure that high-signal data drives detections and investigations. Splitting enables intelligent routing of data between the analytics tier and the data lake tier based on relevance and usage. Together, these two capabilities help you balance cost and performance while scaling data ingestion sustainably as your digital estate grows. Create workbook reports directly from the data lake [Public preview, April 1] Sentinel workbooks can now directly run on the data lake using KQL, enabling you to visualize and monitor security data straight from the data lake. By selecting the data lake as the workbook data source, you can now create trend analysis and executive reporting. Sentinel graph Custom graphs [Public preview, April 1] Custom graphs let you build tailored security graphs tuned to your unique security scenarios using data from Sentinel data lake as well as non-Microsoft sources. With custom graph, powered by Fabric, you can build, query, and visualize connected data, uncover hidden patterns and attack paths, and help surface risks that are hard to detect when data is analyzed in isolation. These graphs provide the knowledge context that enables AI-powered agent experiences to work more effectively, speeding investigations, revealing blast radius, and helping you move from noisy, disconnected alerts to confident decisions at scale. In the words of our preview customers: “We ingested our Databricks management-plane telemetry into the Sentinel data lake and built a custom security graph. Without writing a single detection rule, the graph surfaced unusual patterns of activity and overprivileged access that we escalated for investigation. We didn't know what we were looking for, the graph surfaced the risk for us by revealing anomalous activity patterns and unusual access combinations driven by relationships, not alerts.” – SVP, Security Solutions | Financial Services organization Custom graph API usage for creating graph and querying graph will be billed starting April 1, 2026, according to the Sentinel graph meter. Creating custom graph Using the Sentinel VS Code extension, you can generate graphs to validate hunting hypotheses, such as understanding attack paths and blast radius of a phishing campaign, reconstructing multi‑step attack chains, and identifying structurally unusual or high‑risk behavior, making it accessible to your team and AI agents. Once persisted via a schedule job, you can access these custom graphs from the ready-to-use section in the graph experience in the Defender portal. Graphs experience in the Microsoft Defender portal After creating your custom graphs, you can access them in the graphs section of the Defender portal under Sentinel. From there, you’ll be able to perform interactive graph-based investigations, such as using a graph built for phishing analysis to help you quickly evaluate the impact of a recent incident, profile the attacker, and trace its paths across Microsoft telemetry and third-party data. The new graph experience lets you run Graph Query Language (GQL) queries, view the graph schema, visualize the graph, view graph results in tabular format, and interactively travers the graph to the next hop with a simple click. Sentinel MCP Sentinel MCP entity analyzer [General availability, April 1] Entity analyzer provides reasoned, out-of-the-box risk assessments that help you quickly understand whether a URL or user identity represents potential malicious activity. The capability analyzes data across modalities including threat intelligence, prevalence, and organizational context to generate clear, explainable verdicts you can trust. Entity analyzer integrates easily with your agents through Sentinel MCP server connections to first-party and third-party AI runtime platforms, or with your SOAR workflows through Logic Apps. The entity analyzer is also a trusted foundation for the Defender Triage Agent and delivers more accurate alert classifications and deeper investigative reasoning. This removes the need to manually engineer evaluation logic and creates trust for analysts and AI agents to act with higher accuracy and confidence. Learn more about entity analyzer and in our blog here. Entity analyzer will be billed starting April 1, 2026, based on Security Compute Units (SCU) consumption. Learn more about MCP billing. Sentinel MCP graph tool collection [Public preview, May 20] Graph tool collection helps you visualize and explore relationships between identities and device assets, threats and activities signals ingested by data connectors and alerted by analytic rules. The tool provides a clear graph view that highlights dependencies and configuration gaps, which makes it easier to understand how content interacts across your environment. This helps security teams assess coverage, optimize content deployment, and identify areas that may need tuning or additional data sources, all from a single, interactive workspace. Executing graph queries via the MCP tools will trigger the graph meter. Claude MCP connector [Public preview, April 1] Anthropic Claude can connect to Sentinel through a custom MCP connector, giving you AI-assisted analysis across your Sentinel environment. Microsoft provides step-by-step guidance for configuring a custom connector in Claude that securely connects to a Sentinel MCP server. With this connection you can summarize incidents, investigate alerts, and reason over security signals while keeping data inside Microsoft's security boundary. Access to large language models (LLMs) is managed through Microsoft authentication and role-based controls, supporting faster triage and investigation workflows while maintaining compliance and visibility. Threat Intelligence CVEs of interest in the Threat Intelligence Briefing Agent [Public preview in April] The Threat Intelligence Briefing Agent delivers curated intelligence based on your organization’s configuration, preferences, and unique industry and geographic needs. CVEs of interest which highlights vulnerabilities actively discussed across the security landscape and assesses their potential impact on your environment, delivering more timely threat intelligence insights. The agent automatically incorporates internet exposure data powered by the Sentinel platform to surface threats targeting technologies exposed in your organization. Together, these enhancements help you focus faster on the threats that matter most, without manual investigation. Microsoft Security Store Security Store embedded in Entra [General availability, March 23] As identity environments grow more complex, teams need to move faster and extend Entra with trusted third‑party capabilities that address operational, compliance, and risk challenges. The Security Store embedded directly into Entra lets you discover and adopt Entra‑ready agents and solutions in your workflow. You can extend Entra with identity‑focused agents that surface privileged access risk, identity posture gaps, network access insights, and overall identity health, turning identity data into clear recommendations and reports teams can use immediately. You can also enhance Entra with Verified ID and External ID integrations that strengthen identity verification, streamline account recovery, and reduce fraud across workforce, consumer, and external identities. Security Store embedded in Microsoft Purview [General availability, March 31] Extending data security across the digital estate requires visibility and enforcement into new data sources and risk surfaces, often requiring a partnered approach. The Security Store embedded directly into Purview lets you discover and evaluate integrated solutions inside your data security workflows. Relevant partner capabilities surface alongside context, making it easier to strengthen data protection, address regulatory requirements, and respond to risk without disrupting existing processes. You can quickly assess which solutions align to data security scenarios, especially with respect to securing AI use, and how they can leverage established classifiers, policies, and investigation workflows in Purview. Keeping integration discovery in‑flow and purchases centralized through the Security Store means you move faster from evaluation to deployment, reducing friction and maintaining a secure, consistent transaction experience. Security Store Advisor [General availability, March 23] Security teams today face growing complexity and choice. Teams often know the security outcome they need, whether that's strengthening identity protection, improving ransomware resilience, or reducing insider risk, but lack a clear, efficient way to determine which solutions will help them get there. Security Store Advisor provides a guided, natural-language discovery experience that shifts security evaluation from product‑centric browsing to outcome‑driven decision‑making. You can describe your goal in plain language, and the Advisor surfaces the most relevant Microsoft and partner agents, solutions, and services available in the Security Store, without requiring deep product knowledge. This approach simplifies discovery, reduces time spent navigating catalogs and documentation, and helps you understand how individual capabilities fit together to deliver meaningful security outcomes. Sentinel promotions Extending signups for promotional 50 GB commitment tier [Through June 2026] The Sentinel promotional 50 GB commitment tier offers small and mid-sized organizations a cost-effective entry point into Sentinel. Sign up for the 50 GB commitment tier until June 30, 2026, and maintain the promotional rate until March 31, 2027. This promotion is available globally with regional variations in pricing and accessible through EA, CSP, and Direct channels. Visit the Sentinel pricing page for details and to get started. Sentinel RSAC 2026 sessions All week – Sentinel product demos, Microsoft Booth #5744 Mon Mar 23, 3:55 PM – RSAC 2026 main stage Keynote with CVP Vasu Jakkal [KEY-M10W] Ambient and autonomous security: Building trust in the agentic AI era Tue Mar 24, 10:30 AM – Live Q&A session, Microsoft booth #5744 and online Ask me anything with Microsoft Security SMEs and real practitioners Tue Mar 24, 11 AM – Sentinel data lake theater session, Microsoft booth #5744 From signals to insights: How Microsoft Sentinel data lake powers modern security operations Tue Mar 24, 2 PM – Sentinel SIEM theater session, Microsoft booth #5744 Vibe-coding SecOps automations with the Sentinel playbook generator Wed Mar 25, 12 PM – Executive event at Palace Hotel with Threat Protection GM Scott Woodgate The AI risk equation: Visibility, control, and threat acceleration Wed Mar 25, 1:30 PM – Sentinel graph theater session, Microsoft booth #5744 Bringing knowledge-driven context to security with Microsoft Sentinel graph Wed Mar 25, 5 PM – MISA theater session, Microsoft booth #5744 Cut SIEM costs without reducing protection: A Sentinel data lake case study Thu Mar 26, 1 PM – Security Store theater session, Microsoft booth #5744 What's next for Security Store: Expanding in portal and smarter discovery All week – 1:1 meetings with Microsoft security experts Meet with Microsoft Defender and Sentinel SIEM and Defender Security Operations Additional resources Sentinel data lake video playlist Explore the full capabilities of Sentinel data lake as a unified, AI-ready security platform that is deeply integrated into the Defender portal Sentinel data lake FAQ blog Get answers to many of the questions we’ve heard from our customers and partners on Sentinel data lake and billing AI‑powered SIEM migration experience ninja training Walk through the SIEM migration experience, see how it maps detections, surfaces connector requirements, and supports phased migration decisions SIEM migration experience documentation Learn how the SIEM migration experience analyzes your exports, maps detections and connectors, and recommends prioritized coverage Accenture collaborates with Microsoft to bring agentic security and business resilience to the front lines of cyber defense Stay connected Check back each month for the latest innovations, updates, and events to ensure you’re getting the most out of Sentinel. We’ll see you in the next edition!What’s new in Microsoft Sentinel: April 2026
Welcome to the April 2026 edition of What's new in Microsoft Sentinel. April brings a broad set of updates, with RSAC 2026 announcements rolling out alongside new features. Highlights include cost limit enforcement to prevent runaway query costs, curated open-source intelligence in Threat Analytics, and new data connectors for CrowdStrike, Imperva, AWS, and Logstash. Together, these innovations help security teams control costs, stay ahead of emerging threats, and broaden visibility without added complexity. Read on to learn what's new with Sentinel. What's new OSINT reports in Threat Analytics [Preview] Customers can now consume curated OSINT articles alongside Microsoft-authored Threat Analytics reports, all in one place. (OSINT, or open-source intelligence, is any information readily available to the public.) These OSINT articles come enriched, as detailed in the following list, to help security teams move quickly from awareness to action. What’s included: Curated OSINT articles derived from trusted open-source research Clear summaries with links back to original sources Extracted indicators of compromise (IOCs) Mapped MITRE ATT&CK tactics and techniques Microsoft enrichment, analysis, and recommended actions (when available) By bringing OSINT directly into Threat Analytics, we’re reducing context switching, improving analyst efficiency, and helping customers operationalize open-source intelligence faster within their Defender workflows. Learn more. Cost limit enforcement for KQL queries and notebooks [Preview] Sentinel data lake cost policies do more than just send an alert when usage gets too high. You can set hard limits for KQL queries, jobs, and notebook sessions that block new work once a threshold is exceeded, eliminating surprise bills from runaway queries or heavy workloads. For example, instead of finding out about cost spikes after you run large queries against the data lake tier, enforcement stops further queries before the damage is done. Anything already running still finishes normally, and you get clear messaging about what happened and what to do next. You can lift guardrails temporarily, adjust thresholds, or disable enforcement on the fly. Learn more. Sentinel data connectors With 380 Sentinel data connectors, customers achieve broad visibility into complex digital environments and can expand their security operations effectively. Below are the latest updates. CrowdStrike API Connector [Generally Available] The CrowdStrike API Connector ingests logs from CrowdStrike APIs into Sentinel, fetching details on hosts, detections, incidents, alerts, and vulnerabilities from your CrowdStrike environment. Imperva Cloud WAF [Preview] The Imperva Cloud WAF data connector ingests Imperva logs into Sentinel through AWS S3 buckets, giving you visibility into web application traffic and threats detected by your Imperva deployment for monitoring, investigation, and threat hunting in Sentinel. AWS Elastic Load Balancer (ELB) [Preview] This connector allows you to ingest AWS Elastic Load Balancer (ALB, NLB, and GLB) logs into Sentinel. These logs contain detailed records for requests handled by your load balancers, including client IPs, latencies, request paths, and status codes. These logs are useful for monitoring traffic patterns, investigating anomalies, and ensuring security compliance. Logstash Output Plugin [Preview] For organizations that rely on Logstash to collect from on-premises, legacy, or air-gapped environments, the Sentinel Logstash Output Plugin has been rebuilt in Java to align with Microsoft's Secure Future Initiative (SFI) and provide improved security and long-term maintainability. The plugin uses the Azure Monitor Logs Ingestion API with Data Collection Rules (DCRs), giving you full schema control and the ability to ingest directly into Sentinel data lake as well as standard Sentinel tables. Learn more. Sentinel data federation [Preview] Sentinel data federation enables unified visibility and security analytics across federated and ingested data, without compromising data governance. Security teams can quickly query data in Microsoft Fabric, Azure Data Lake Storage (ADLS) Gen2, and Azure Databricks directly from Sentinel, no data movement required. This approach allows teams to explore data broadly through federation, then selectively ingest what matters most into Sentinel to unlock advanced detections, automation, and AI‑powered analytics. Learn more. Sentinel cost estimation tool [Preview] Customers and partners can confidently estimate Sentinel costs using the cost estimation tool. With meter-level guidance, you can model ingestion across analytics and data lake tiers, compare retention options, and estimate compute costs. Built‑in projections of up to three years offer transparency into spend, making it easier to plan, optimize, and share estimates. Try the Sentinel Cost Estimator. Microsoft Entra and Azure Resource Graph (ARG) connector enhancements [Preview] Enable new Entra assets (EntraDevices, EntraOrgContacts) and ARG assets (ARGRoleDefinitions) in existing asset connectors, expanding inventory coverage and powering richer, built‑in graph experiences for greater visibility. Create workbook reports directly from the data lake [Preview] Sentinel workbooks can directly run on the data lake using KQL, enabling you to visualize and monitor security data straight from the data lake. By selecting the data lake as the workbook data source, you can create trend analysis and executive reporting. Custom graphs [Preview] Custom graphs let you model relationships unique to your organization using data from Sentinel data lake, non-Microsoft sources, and federated data sources, all powered by Fabric. Instead of stitching together dozens of tables manually, you can build graphs that surface blast radius, trace attack paths, map privilege chains, and spot structural outliers like unusually broad access or anomalous email exfiltration. You can generate custom graphs using AI-assisted coding in the Microsoft Sentinel VS Code extension, persist them via a schedule job, and access them in the graphs experience in the Defender portal. Run Graph Query Language (GQL) queries, visualize results, and interactively traverse the graph to the next hop with a single click. These graphs also provide the knowledge context that enables AI-powered agent experiences to work more effectively, speeding investigations and helping you move from disconnected alerts to confident decisions at scale. Custom graph API usage for creating and querying graphs is billed according to the Sentinel graph meter. Learn more. MCP entity analyzer [General availability] Entity analyzer provides reasoned, out-of-the-box risk assessments that help you quickly understand whether a URL or user identity represents potential malicious activity. It analyzes data across threat intelligence, prevalence, and organizational context to generate clear, explainable verdicts you can trust. Entity analyzer integrates with your agents through Sentinel MCP server connections to first-party and third-party AI runtime platforms, or with your SOAR workflows through Logic Apps. It also serves as a trusted foundation for the Defender Triage Agent, delivering more accurate alert classifications and deeper investigative reasoning. Entity analyzer is billed based on Security Compute Units (SCU) consumption. Learn more about entity analyzer and MCP billing. Claude MCP connector [Preview] Anthropic Claude can connect to Sentinel through a custom MCP connector, giving you AI-assisted analysis across your Sentinel environment. Microsoft provides step-by-step guidance for configuring a custom connector in Claude that securely connects to a Sentinel MCP server. With this connection you can summarize incidents, investigate alerts, and reason over security signals while keeping data inside Microsoft's security boundary. Access to large language models (LLMs) is managed through Microsoft authentication and role-based controls, supporting faster triage and investigation workflows while maintaining compliance and visibility. CVEs of interest in the Threat Intelligence Briefing Agent [Preview] The Threat Intelligence Briefing Agent delivers curated intelligence based on your organization’s configuration, preferences, and unique industry and geographic needs. The agent surfaces Common Vulnerabilities and Exposures (CVEs) of interest, highlighting vulnerabilities actively discussed across the security landscape and assessing their potential impact on your environment for more timely threat intelligence insights. The agent automatically incorporates internet exposure data powered by the Sentinel platform to surface threats targeting technologies exposed in your organization. Together, these enhancements help you focus faster on the threats that matter most, without manual investigation. Additional resources Blogs and documentation: Featured blog: App Assure launches its Sentinel Advisory Service Agentic use cases for developers on Microsoft Sentinel The Unified SecOps Transition: Why It Is a Security Architecture Decision, Not Just a Portal Change What's new in Microsoft Defender – April 2026 Webinars and training: Featured webinar: Powering the Agentic SOC with Scott Woodgate, General Manager, Microsoft Threat Protection Featured training: Introducing the Microsoft Sentinel Training Lab. Hands-On Security Operations in Minutes Beyond KQL – Unlocking SOC Insights with Sentinel data lake Jupyter Notebooks Hyper scale your SOC: Manage delegated access and role-based scoping in Microsoft Defender Stay connected Check back each month for the latest innovations, updates, and events to ensure you’re getting the most out of Microsoft Sentinel. We’ll see you in the next edition!Hands-on webinar: Study and Learn agent in M365 Copilot
Join us on Wednesday, May 13th @ 8am Pacific Time for an in-depth professional development webinar on the new Study & Learn agent in Microsoft 365 Copilot, which is about to become available for all students 13+ and educators. This will be a 60-minute hands-on webinar where the Product Management team will walk through the Study & Learn agent, which is purpose-built for learning. The experience goes beyond just answering questions and instead guiding students through concepts with step-by-step support, interactive activities like quizzes and flashcards, and conversations grounded in learning science. The Study & Learn agent will be globally available by the time of this webinar on May 13th, 2026. We will also be providing links for professional development credit at this session. And don’t worry – we’ll be recording these and posting on our Microsoft Education YouTube channel so you’ll always to able to watch later or share with others. What we will cover ✅ Introduce the new Study & Learn agent ✅Understand concept/question, FC and Quiz, Matching and FIB ✅IT admin motions for enabling Copilot Chat ✅Learning Activities for students hands-on ✅CPNBs and Study Guide slides and demo 📅 Date: Tuesday, May 13th ⏰ Time: 8:00 AM Pacific 🔗 Register: https://msit.events.teams.microsoft.com/event/msit.954c5c3b-cbc0-458d-9739-49e3e8b4baf7@72f988bf-86f1-41af-91ab-2d7cd011db47Accelerating the Flow of Learning
By Vince Frankson, Authentica Solutions | Guest Post via the Microsoft Education Blog Education technology leaders are not short on vision; they are short on time. They know exactly what their Microsoft 365 environment is capable of. What they deserve are better tools, smarter automation, and a partner that shows up ready to serve. At Authentica Solutions, we pride ourselves on our culture of servant leadership, not just as a slogan, but as our guiding principle. Our mission is to support and serve district technology teams, ensuring that technology enhances their valuable work rather than making it more complex. Everything we build is organized around one purpose: accelerating the flow of learning. Not technology for its own sake... tools and services focused at getting teachers back to teaching, students back to learning, and district leaders back to the decisions that matter most. With the school year winding down and Back to School planning already on the horizon, there is no better moment to look at where your Microsoft 365 environment stands, and how the right tools and the right team can compress your timeline, free your people, and make this the smoothest Back to School launch yet. District Technology Teams Deserve Better Tools K-12 technology leaders oversee complex systems, sometimes across multiple campuses, and support a wide range of users. While Microsoft 365 offers advanced features, many remain underused due to the time and expertise required for full implementation. Microsoft’s School Data Sync (SDS) is a great example. It is a genuinely powerful free service that automates the flow of student roster and identity data from your Student Information System (SIS) into Microsoft Entra ID, provisioning Teams classrooms, Intune device groups, SharePoint sites, and OneNote Class Notebooks automatically, at scale. The platform is exceptional. Fully configuring it, keeping it healthy across an academic year, and extending its value into the rest of the data ecosystem is specialized work that deserves specialized support. Authentica addresses this gap by providing support so school IT teams can focus on high-impact tasks, helping educators and students achieve more. Authentica seed™: Built to Accelerate the Flow of Learning Authentica seed™ is Authentica’s Education Intelligence Cloud Service, designed to streamline learning by enabling clean, automated, bidirectional data pipelines. This allows teachers to access rosters quickly, students to begin learning immediately, and administrators to monitor instruction in real time, accelerating progress for everyone. Getting Your Data into Microsoft 365 seed™ sits between your SIS and SDS, handling data preparation, mapping, and delivery so your team can focus on higher-value work. Districts that previously invested significant time in validation cycles and configuration troubleshooting are reaching full value in a fraction of the time. Automated SIS-to-SDS delivery with built-in validation, so errors are caught before they ever reach your tenant. Support for OneRoster API and CSV formats across all major SIS platforms, meeting your district where it already is. Automatic provisioning of users, classes, and groups across Microsoft Entra ID, Teams, SharePoint, Exchange, and Intune for Education. Manage Student Age Groups to limit or support access to Microsoft Copilot for students 13+. Every hour returned from focusing on the data pipeline is an hour returned to learning. That is Cloud with Purpose. Getting Your Data Back Where It Belongs Learning does not stop at the edge of Microsoft 365, and neither should your data. seed™ closes the loop by moving grade data, assessment data, and engagement signals back to the platforms that need them, automatically. Back to your SIS: Keeping your system of record current and authoritative without double grade entry. To your Analytics platform: Giving administrators and instructional coaches visibility into what is working, event making Microsoft 365 activity visible, without waiting for manual exports. Building your dream data estate: What if you could combine your academic and instructional data, your operations and staff data, and your financial data into a single place? What if you could have it prepped and ready so you can ask questions with Copilot and / or AI Agents. Which schools have the most students off track right now? Top 5, and why. Where are we spending the most with the weakest results? Top 3. One connected data ecosystem. Compounding the return on every platform investment your district has made and accelerating the flow of learning throughout. UsageIQ™ Microsoft 365 Edition: Giving Leaders the Visibility They Deserve District technology leaders make consequential decisions about licensing, training, and support every year. They deserve data that makes those decisions clear. Authentica UsageIQ™ Microsoft 365 Edition was built to provide exactly that: a straightforward, actionable picture of how your Microsoft 365 environment is being used across the organization. Not a consultant engagement. Not a manual pull from the admin portal. A purpose-built, single view of your tenant that tells you what you need to know, when you need to know it. App-by-app usage across your tenant: Teams, SharePoint, OneDrive, Exchange, OneNote, and more, in one place. School-by-school and role-based breakdowns: See where adoption is strong and where targeted support would unlock real value. License utilization insights: Ensure every seat is earning its value and renewal conversations are grounded in actual usage data. Back to School readiness views: Identify accounts and configurations that need attention before day one, not after. When technology leaders can see clearly, they lead confidently. That visibility is not a luxury. It is what great tools are supposed to deliver. Managed Services for Microsoft 365: A Team That Has Been Here Before At Authentica, we deliver Managed Services with a servant leadership mindset. We're not just a helpdesk, our team has years of experience at Microsoft, having built education solutions like SDS, Teams for Education, and Graph APIs. We support your district as an expert extension to handle critical Microsoft 365 tasks efficiently, allowing your technology staff to focus on their key responsibilities. What Managed Services for Microsoft 365 Covers End-of-Year close support for SDS expiration management, tenant cleanup, graduating account archiving, and identity hygiene, handled on time and on spec so your team can close the year cleanly. Back to School launch for new year SDS configuration, classroom provisioning, device group refresh, and Conditional Access review, so teachers walk into a working environment on day one. Ongoing SDS health monitoring and proactive troubleshooting, so issues are resolved before they become incidents Microsoft Entra ID and identity management support across the full user lifecycle. Teams for Education configuration, governance, and adoption enablement. Intune for Education device policy and deployment support. Copilot readiness assessment and enablement, so your district is positioned for AI-powered learning when you are ready to move. This is what it looks like when your Microsoft 365 environment has a team behind it that is fully committed to your success, not just at launch, but every day. End of School Checklist: Five Things Worth Doing Before Summer Break These are the actions that make Back to School smoother, faster, and less reactive. Your team knows this; this is a reminder of what is worth prioritizing before the calendar turns. Audit Microsoft Entra ID for inactive and graduating accounts. Clean identities now mean a cleaner, more secure tenant heading into the new year, and fewer licensing surprises at renewal. Review your SDS sync health. Check error and warning logs now. Small data issues that are easy to address in the spring become August emergencies. Get ahead of them while there is room to breathe. Check your Microsoft 365 license utilization. If you are on A3 or A5, are those features actively working for your district? UsageIQ™ Microsoft 365 Edition can show you the full picture and give you a clear story heading into renewal season. Archive Teams classes from the current year. Establish your retention and archival approach before the new year roster drop. A clean tenant makes everyone faster, IT, teachers, and students. Plan your Back-to-School timeline now. Microsoft School Data Sync (SDS) provisioning for a large district takes time. Build in buffer, engage your support resources before August, and set your team up to launch the year confidently instead of reactively. We Are Here to Serve Authentica Solutions is offering a complimentary Microsoft 365 Readiness Assessment for districts that want a clear picture of where they stand before the new year begins. This is a straightforward conversation with our team, people who have been inside these systems for years, helping you identify what is working, what is ready to unlock, and where the right tools can return the most value. No pressure. Just expertise, in service of your district and the learning that happens inside it. Let’s talk to schedule your complimentary Microsoft 365 Readiness Assessment. About Authentica Solutions Authentica Solutions is an EdTech company grounded in servant leadership and built around one purpose: accelerating the flow of learning. Our team, including former Microsoft engineers who built core Microsoft 365 education products, serves K-12 districts through seed™, UsageIQ™, reachAI™, and Managed Services for Microsoft 365. Cloud with Purpose. Visit www.authenticasolutions.comWhat's New in Microsoft Teams | April 2026
Our team just wrapped up the M365 Community Conference in Orlando, FL, and it was an incredible way to close out April! Our teams were energized by connecting with, listening to, and sharing what’s new with many of you: the builders, innovators and icons of intelligent work. Thank you to everyone who attended, and we can’t wait to see even more of you at next year’s conference! As for this month’s Teams updates, we remain focused on bringing you features that can make collaboration more intelligent, secure, and seamless—whether you’re working with AI, managing calls, or enabling hybrid teams at scale. Across meetings, calling, and the workplace, you’ll find improvements designed to remove friction, from smarter call handling with Copilot call delegation, to Interpreter agent enhancements that support proper attribution for sign-language users in meetings, and updated room booking and live transcription in meetings in Teams Rooms. In another new update, Targeted messages for agents now enables your agents and bots to send targeted, private, temporary updates to specific users in chats, channels, and meetings, without interrupting everyone else. We’re also delivering meaningful security and compliance enhancements, including sensitivity label inheritance for meeting recordings and Loop notes, improved admin visibility into external collaboration risks, and new user‑reported security signals in the Teams admin center. These updates help organizations protect information end to end, without slowing down teamwork. Together, these updates reflect our continued focus on helping teams collaborate more effectively, confidently, and securely—every day. Read on for all the latest updates! Feature categories: (All features listed are generally available unless otherwise noted) Chat and Collaboration Meetings Teams Phone Workplace Fundamentals and Security Platform Frontline Workers Certified for Teams Devices Chat and Collaboration Targeted messages for agents on Teams Send private, targeted messages from agents or bots to a specific person in a channel, group chat, or meeting—without distracting everyone else. Agents can share timely prompts, reminders, or next steps only with the people who need them, keeping conversations focused and clutter-free. As situations change, agents can update or remove these messages so guidance stays relevant and accurate. To enable targeted messaging for agents visit this page: Targeted Messages - Teams | Microsoft Learn Simplified Teams app bar The Teams app bar has been simplified to help you focus on what matters. App labels are hidden by default to reduce visual noise, the overflow menu is less cluttered, and you can now choose to show or hide the app bar to create more space for your work. New controls for quick views in the Teams chat list Positioned at the top of the chat and channels list in Teams, quick view controls provide fast access to mentions, followed threads, and more. You can choose when and how quick views are displayed – and can collapse the section at any time. Experts & verified answers in communities Help community members quickly identify trusted responses with Community Experts and verified answers. In the Engage app for Android and the Engage app in Teams for iOS and Android, members can request expert status, which admins can review and assign. Approved experts are highlighted with a special label next to their names and, along with admins, can endorse accurate and credible responses. Once marked, these responses receive a “verified” label, making it easy for viewers to recognize correct answers and rely on trusted expertise across community conversations. Microsoft Viva: Engage community membership management in Teams for iOS & Android Manage your communities on the go. Community admins can now add or remove members directly from the Teams mobile app on iOS and Android. Keep your Viva Engage communities up to date—anytime, anywhere. Meetings Consecutive interpretation in Interpreter agent Consecutive interpretation is a new mode in Microsoft Teams Interpreter that helps participants collaborate more naturally in meetings with two spoken languages. With consecutive interpretation, the translation begins after each speaker finishes speaking. This creates a turn-based flow that more closely reflects how people naturally communicate in multilingual conversations. In addition, consecutive interpretation brings Interpreter onto the meeting stage for everyone to see and hear, making it easier to follow, participate, and stay aligned. With this update, Interpreter now supports two modes: real-time simultaneous interpretation, launched last year, and the new consecutive interpretation mode designed for back-and-forth conversations—now available in public preview. Accurate transcript attribution for meetings with sign language interpreters Transcripts now attribute contributions to the original participant using sign language, not the interpreter. This ensures ideas and decisions are correctly credited to the person who shared them, including in Copilot chat and meeting recap. Spoken language detection is now automatic Spoken language detection is now fully automatic. Teams will automatically detect each speaker’s spoken language and update it in real time as the conversation evolves. Manual spoken language selection will no longer be available. This applies to both live captions and transcripts when Interpreter is enabled or when multilingual speech recognition is turned on in meeting options, helping deliver more accurate language recognition and a more consistent multilingual meeting experience. Teams meeting Notes, powered by Loop Teams meeting Notes, powered by Loop, are now available for instant meetings that started via ‘Meet now’ from the calendar. Notes are Loop components in Teams meetings and chats that allow end users to co-create and collaborate on their meeting agenda, notes, and action items that can be co-authored and edited by everyone. Since Notes are Loop components, they stay in sync across all the places they have been shared. Once added, meeting notes can also be shared and edited in the Loop app in your web browser. Resize the top video gallery in Teams meetings to see more people when content is being shared. Now you can resize the video gallery at the top of your meeting window when content is being shared, making it easy to see more participants alongside the presentation. Simply drag the divider between the shared content and the video gallery to adjust how much space each takes up. Whether you're in a small team sync or a large all-hands meeting, this gives you the flexibility to keep more faces visible while staying focused on what's being presented, helping everyone feel seen and engaged. Available on Windows desktop and Mac. Teams Phone Copilot call delegation - Frontier Incoming calls don’t wait for a break in your day. Whether you’re leading a meeting or juggling back-to-back commitments, every new call creates the same dilemma: answer and risk losing momentum, or ignore it and risk missing something important. Microsoft 365 Copilot can now help answer your incoming Teams calls and schedule follow-up appointments on your behalf. After turning on the experience in the Teams Calls settings, call delegation gathers context from callers that it shares with you to help you decide whether to pick up. It can also set up follow-up appointments via Microsoft Bookings so that you remember to meet with the callers that matter most. This experience is available to users with a Microsoft 365 Copilot license through Frontier early access program. Learn more about call delegation and the Frontier program. Teams Phone user multi-line Many organizations need a way for a single person to represent multiple departments or regions in calling without juggling different Teams accounts, devices, or complicated routing workarounds. Teams Phone user multi-line now enables Teams administrators to configure and assign up to 10 phone numbers to an individual user through Teams admin center. Supported across desktop and Teams phone devices, user multi-line is ideal for individuals who handle multiple roles or who call contacts across different geographies. For example, a communications director supporting both press relations and analyst relations can take inbound calls for either function and place outbound calls using the appropriate number, all within a unified Teams experience. Or a customer success manager covering North America and Europe can use dedicated regional numbers so that customers reach the right line and interact with a familiar local caller ID, helping build greater trust. Learn more. Workplace - Rooms Ad-hoc room reservation from Teams Rooms on Android console With Teams Rooms on Android consoles, you can quickly book a meeting room for immediate use, helping to avoid scheduling conflicts and ensure uninterrupted spontaneous meetings. Available in Teams Rooms Pro-licensed rooms. Learn more. Live transcription in Teams Rooms on Android View and control live transcription during a meeting from a Teams Rooms on Android device. The real-time transcript includes speaker names and timestamp. You can adjust settings such as spoken language, translated language, and whether both original and translated transcripts are displayed side by side on the front of room display. This feature is available in Teams Rooms Pro. Learn more. Digital signage in Teams Rooms on Android As with Teams Rooms on Windows, IT Admins can now set up Teams Rooms on Android to show dynamic content on the front-of-room display when not in use. Configuration is available for tenant-wide and room-specific settings via the Teams Rooms Pro Management portal. The feature supports select third-party digital signage partners like Appspace and XOGO, and is included with Teams Rooms Pro. Learn more. Fundamentals and Security Sensitivity label inheritance for meeting recordings and Loop meeting notes Meeting recordings and Loop meeting notes now automatically inherit your meeting’s sensitivity label. When admins enable label inheritance in the sensitivity label policy, any labeled meeting applies the same label to its MP4 recording and meeting notes, ensuring access controls and protections like data handling rules and encryption carry forward consistently. This also ensures that Copilot and agent responses based on transcripts and notes accurately reflect the meeting’s sensitivity, keeping confidential content protected end to end. External Domains Anomalies Report The External Domains Anomalies Report helps admins proactively identify unusual or risky interactions with external organizations in Microsoft Teams. By analyzing communication trends and detecting sudden spikes, new domains, or abnormal engagement patterns, it provides early visibility into potential data-sharing or security risks. As external collaboration continues to grow, this report offers admins actionable insights to protect their tenants while maintaining productive cross-organization collaboration. The report is available in the Teams Admin Center. It’s updated daily, and admins can select a time range to view (for example, the past 24 hours or past 7 days). User reported security signals in Teams admin center This update brings end‑user security reporting into Teams Admin Center. Admins can now view and download signals from messages users report as “a security concern” or “not a security concern” within TAC Protection reports, helping them identify trends and fine‑tune policies and responses. Microsoft Teams VDI Optimization for Omnissa on Windows Microsoft Teams has long supported Omnissa in Virtual Desktop Infrastructure (VDI) environments; this feature advances that support by bringing Omnissa deployments onto Microsoft’s modern Teams VDI optimization architecture. With this update, organizations running Teams on Omnissa can take advantage of the new optimization to deliver improved performance, greater feature parity with the native desktop client, and a more reliable experience for meetings, audio, video, and screen sharing—while continuing to benefit from the centralized management, security, and scalability of VDI. Trigger workflows from messages on Teams mobile (Android and iOS) Users can now trigger Microsoft Teams workflows directly from a message on Teams mobile for Android and iOS, enabling common automation scenarios - such as approvals, notifications, or follow‑up actions - without switching devices or leaving the conversation. This update extends workflow message actions to mobile, improves UI reliability, and helps close parity gaps between desktop and mobile experiences for Teams workflows. Prevent screen capture for iOS Prevent screen capture is now available on the Microsoft Teams iOS app. When enabled, this setting helps protect your meeting by preventing the meeting window from being captured in screenshots. This capability builds on the Prevent screen capture experience already available on Desktop Windows and Android mobile app, helping organizations apply more consistent protections across supported Teams clients when discussing confidential topics. Mac desktop, virtual desktop, and older clients aren't supported. People on these platforms will not be able to turn on their own video, share their screen, or see other's videos or shared screens. Platform Python support in the Microsoft Teams SDK Teams SDK is now available in Python. With the Teams SDK, developers have a production‑ready foundation for building intelligent collaboration‑centric experiences directly within Microsoft Teams. And now, Python developers can take full advantage of that platform, using the same SDK surface that powers modern Teams apps and agents. You can learn more about the Python release of the Teams SDK in the Getting Started | Teams SDK documentation. Frontline workers Pilots Kickstart frontline innovation with the Frontline Hub in Teams admin center. Create pilots in just a few clicks—choose the capabilities you want to test, select workers and managers, and monitor adoption through real-time usage insights. With built-in management controls, you can easily iterate as you learn: adjust features, update participants, and expand channels—all without slowing down your rollout. Deploy at scale Deploying Microsoft Teams to your frontline workforce is now faster and more seamless than ever. A new guided deployment experience in the Teams admin center lets you roll out a standardized Teams setup—whether you’re expanding a pilot or launching organization‑wide—in just a few steps. From one place, you can add frontline workers, organize them into teams, and apply a consistent pinned app configuration that updates automatically as your needs evolve. Once deployed, the Frontline hub gives you centralized control to manage teams, adjust pinned apps across your entire frontline workforce, and monitor adoption with built‑in usage insights. This streamlined approach helps you scale confidently, maintain consistency, and keep every frontline worker connected with the tools they rely on. Certified for Teams Devices Cisco Express Install Solutions for Teams Rooms Cisco Express Install solutions are fully integrated meeting room packages designed for fast, large‑scale deployment of Microsoft Teams Rooms. These Cisco‑certified bundles combine Cisco Room Bar or Room Bar Pro devices with Samsung commercial displays and Ashton Bentley freestanding mounts. Ergonomically designed for optimal camera angles and viewing height, the solutions deliver a consistent, familiar Teams Rooms experience across locations while enabling rapid global rollout with minimal on‑site effort. Two bundles (each available in either First Light or Carbon color) feature the Cisco Room Bar package and are designed for huddle spaces, focus rooms, and small meeting rooms: Cisco Room Bar with 43” display Cisco Room Bar with 55” display Two bundles (each available in either First Light or Carbon color) feature the Cisco Room Bar Pro package and are designed for small and mid-sized meeting rooms: Cisco Room Bar Pro with 75” display Cisco Room Bar Pro with two 55” displays One bundle (available in either First Light or Carbon color) features the Cisco Room Kit EQ package and is designed for midsize, large, and extra-large meeting rooms: Cisco Room Kit EQ with 105” display Neat Express Install: TAA-Compliant Neat Board Pro with Heckler Stand Neat Board Pro with the Heckler Stand is TAA compliant, making it easier for US federal government agencies, higher‑education institutions, and other public‑sector organizations to bring award‑winning video collaboration solutions into their workspaces. Together, they provide cutting‑edge audiovisual and AI‑driven capabilities—supporting high‑performance cameras, far‑field microphones, and immersive 4K touch experiences designed for medium to large spaces. Learn more. Jabra Express Install: PanaCast 40 VBS Bundles (LG displays available in: 43″ / 50″ / 55″ / 65″) The Jabra PanaCast 40 VBS teams up with Salamander Designs Acadia Tabletop Stand and LG 4K UHD displays to transform huddle rooms, focus rooms, and small meeting spaces into smart collaboration zones—fast. With panoramic video, intelligent audio, and clean cable management, this Express Install bundle is designed for sub‑90‑minute installation with no wall drilling or rewiring required. It’s a true plug‑and‑play Teams Rooms solution that’s easy to deploy, simple to manage, and ready for AI‑powered productivity. Learn more. Jabra PanaCast 40 VBS + Control IP PanaCast 40 VBS brings everyone into the picture with its 180° field‑of‑view and 4K precision—capturing every participant clearly, even those close to the screen or seated in the corners. AI‑powered video features track speakers, adjust views, and keep conversations natural for more productive meetings. Setup is quick, so rooms are ready in minutes. Built on the Microsoft Device Ecosystem Platform for robust security, and managed through Jabra+, it enables remote, real‑time device updates to keep collaboration seamless. Learn more. MAXHUB XBoard V7 (Display available in 55″ and 75″) The MAXHUB XBoard for Microsoft Teams Rooms is a Teams‑certified interactive display running Windows 11 IoT that delivers an all‑in‑one solution for meeting rooms and open spaces. Its Trident Lens triple‑camera system ensures clear, dynamic video calls, while Audio Fence technology filters background noise for crisp communication. With a high‑color‑gamut 4K/5K non‑glare display, flexible sizing, optional on‑seat touch console, and remote device management via MAXHUB Pivot, XBoard V7 offers a reliable, scalable collaboration experience with easy plug‑and‑play setup and a three‑year warranty. Learn more. MAXHUB Universal Console TCP33T MAXHUB Universal Console TCP33T is a Teams Rooms‑certified touch console designed for Microsoft Surface Hub and MAXHUB XBoard. It allows users to join meetings, invite participants, control meetings, and share content without leaving their seats—supporting smooth, focused, and efficient collaboration across meeting spaces. Learn more. MAXHUB XBar V70 Kit The MAXHUB XBar V70 Kit with console is a Teams‑certified videobar built on MDEP Android and designed for medium to large meeting rooms. It features a 200‑megapixel quad‑lens camera system, 16 beamforming microphones, AI‑enhanced audio, and FlexMount for simple installation. Built on Microsoft‑certified Android security architecture, the solution enables secure Teams integration, streamlined deployment, and remote device management through MAXHUB Pivot, with included service coverage to simplify ongoing IT operations. Learn more. Barco ClickShare Hub Pro and Huddly ®C1™ for Teams Rooms on Android The ClickShare Hub Pro and Huddly C1 bundle is a certified Microsoft Teams Rooms solution for small‑to‑medium meeting rooms. ClickShare Hub Pro enables one‑click, wireless conferencing and 4K content sharing with next‑generation ClickShare Buttons and dual‑screen support, all built on the Microsoft Device Ecosystem Platform for secure meetings. Huddly C1 adds modular, AI‑driven video and intelligent audio that scales from standalone to multi‑camera setups—delivering engaging meetings for participants and flexible, enterprise‑grade management for IT teams. Learn More Yealink UH42 / UH44 and WH68 Headsets Yealink expanded its portfolio of Teams‑certified headsets with wired UH42 and UH44 models and the WH68 Hybrid headset with charging stand. These devices are designed for professional use across open offices and hybrid work scenarios, offering clear audio, comfortable form factors for all‑day wear, and flexible connectivity options to support modern Teams calling and meetings. Yealink UH 42 and 44 (Mono) Yealink UH 42 and 44 (Dual) Yealink WH68
