Microsoft Teams integration
Alerting & Communication
Microsoft Teams is where most organizations on Microsoft 365 run their daily conversations, so it is the natural place to surface security findings the moment they appear. The FortWatch Microsoft Teams integration (currently in development) will push every new finding from your continuous external scans straight into the channels your team already watches — turning an exposed database or an expiring certificate into an Adaptive Card someone sees in minutes, not a dashboard nobody opens.
Exposed Redis on 203.0.113.10:6379
Unauthenticated database reachable from the internet.
View finding & step-by-step fix →Microsoft Teams + FortWatch
FortWatch connects to Microsoft Teams by posting Adaptive Cards to a channel through an Incoming Webhook (set up via a Teams Workflow / Power Automate, Microsoft's current replacement for the legacy connector). When a scan completes or a new issue is detected, FortWatch formats the finding — severity, the affected asset, and a one-line explanation of the risk — into a card and posts it to the channel you choose, with a button that deep-links back to the finding in FortWatch. You map each severity to a destination, so criticals can hit your security or on-call channel while lower-severity findings collect quietly in a digest. A future native Teams app (built on the Microsoft Graph and Bot Framework) would add richer two-way actions, but the launch experience targets the webhook path because it works in any tenant without admin app approval.
FortWatch scans
Eleven scanners watch your external attack surface around the clock — ports, certs, DNS, cloud buckets, exposed files and more.
AI triages the finding
Each issue is scored by real-world impact and packaged with the affected asset and a one-line explanation of the risk.
Delivered to Microsoft Teams
The finding lands in Microsoft Teams, routed by severity — so the right people see the right alert, fast.
What you'll be able to do
Everything the Microsoft Teams integration will bring to your security workflow.
Real-time alerts
a new critical finding — an exposed Redis port, a public storage bucket — posts to a Teams channel the moment a scan detects it.
Severity routing
send criticals and highs to your security or on-call channel and batch lower-severity findings into a separate digest channel.
Adaptive Card deep links
every alert carries a one-click button back to the full finding and step-by-step remediation in FortWatch.
Scheduled digests
a daily or weekly summary of your external attack surface posted to one channel, so leadership sees the trend without opening the dashboard.
Scan notifications
know when a scheduled scan finishes and whether anything changed since the last run.
MSP-friendly fan-out
route each client's findings to its own dedicated channel or team to keep tenants cleanly separated.
What an alert looks like
Every finding arrives formatted for Microsoft Teams — severity up front, the affected asset, and a one-line explanation of why it matters, with a link straight to the step-by-step fix.
- Severity-tagged and color-coded
- The exact asset and port affected
- One click to the full finding & remediation
Microsoft Teams🔴 Critical · Exposed Redis on 203.0.113.10:6379\nUnauthenticated Redis is reachable from the internet — anyone can read, wipe, or take over the host.\nAsset: cache-prod-1 · Detected: 2 minutes ago\n[ View finding & step-by-step fix ]
Set it up in minutes, once it lands
No agents, no infrastructure changes — just connect Microsoft Teams and choose where alerts go.
When it launches, open Settings → Integrations in FortWatch and choose Microsoft Teams.
In the target Teams channel, add an Incoming Webhook via Workflows (Power Automate) and copy the generated URL.
Paste the webhook URL into FortWatch and pick a default channel for alerts (for example a #security channel).
Map each severity to a channel and decide which findings go out in real time versus a digest.
Send a test alert to confirm the Adaptive Card renders correctly, then switch it on.
Why route FortWatch into Microsoft Teams?
A finding only matters if someone sees it, and on Microsoft 365 teams Teams is open all day while the security dashboard is not. Routing FortWatch alerts into Teams collapses the gap between the moment something gets exposed and the moment someone starts fixing it — which is the entire point of continuous monitoring. Severity routing and digests keep the signal high so the channel stays worth watching.
Frequently asked questions
Is the Microsoft Teams integration available now?
Not yet — it is in active development. Add your email on this page and we will notify you the moment it ships.
Do I need to be a Microsoft 365 admin to set it up?
For the launch webhook approach, no tenant-wide admin approval is required — anyone who can manage a channel can add the Incoming Webhook and paste the URL into FortWatch. A future native Teams app would need a one-time admin install.
Will it flood my channel?
No. You control which severities post where, and lower-severity findings can be collected into a scheduled digest instead of pinging individually.
Want the Microsoft Teams integration when it ships?
We'll email you the moment it goes live — no spam, just the launch.
Get notified
Secure your entire stack today
Start scanning in under 5 minutes. No credit card required. 14-day free trial included.