Microsoft Teams - FAQs - What Processes and Procedures are in Place To Update the Application and the Connect+ Bot If/When There Are Security Vulnerabilities Identified?

Security Vulnerabilities are automatically monitored through third-party vendor software such as Snyk, RIPS, and Sonarcloud, and triaged and resolved based on relevant CVSS scores. If a security vulnerability is to be reported by a partner (MS Teams), it would be assessed initially by our in-house information security team and triaged based on severity for resolution.