diff --git a/rules/integrations/o365/defense_evasion_teams_external_access_enabled.toml b/rules/integrations/o365/defense_evasion_teams_external_access_enabled.toml
index f25893de776..a83611522d5 100644
--- a/rules/integrations/o365/defense_evasion_teams_external_access_enabled.toml
+++ b/rules/integrations/o365/defense_evasion_teams_external_access_enabled.toml
@@ -2,7 +2,7 @@
 creation_date = "2020/11/30"
 integration = ["o365"]
 maturity = "production"
-updated_date = "2025/12/10"
+updated_date = "2026/02/11"
 
 [rule]
 author = ["Elastic"]
@@ -21,13 +21,13 @@ from = "now-9m"
 index = ["logs-o365.audit-*", "filebeat-*"]
 language = "kuery"
 license = "Elastic License v2"
-name = "M365 Teams External Access Enabled"
+name = "Deprecated - M365 Teams External Access Enabled"
 note = """## Triage and analysis
 
 > **Disclaimer**:
 > This investigation guide was created using generative AI technology and has been reviewed to improve its accuracy and relevance. While every effort has been made to ensure its quality, we recommend validating the content and adapting it to suit your specific environment and operational needs.
 
-### Investigating M365 Teams External Access Enabled
+### Investigating Deprecated - M365 Teams External Access Enabled
 
 Microsoft Teams' external access feature allows users to communicate with individuals outside their organization, facilitating collaboration. However, adversaries can exploit this by enabling external access or adding trusted domains to exfiltrate data or maintain persistence. The detection rule monitors audit logs for changes in federation settings, specifically when external access is successfully enabled, indicating potential misuse.
 
diff --git a/rules/integrations/o365/persistence_teams_guest_access_enabled.toml b/rules/integrations/o365/persistence_teams_guest_access_enabled.toml
index f3ea966b491..ef65532a6c5 100644
--- a/rules/integrations/o365/persistence_teams_guest_access_enabled.toml
+++ b/rules/integrations/o365/persistence_teams_guest_access_enabled.toml
@@ -2,7 +2,7 @@
 creation_date = "2020/11/20"
 integration = ["o365"]
 maturity = "production"
-updated_date = "2025/12/10"
+updated_date = "2026/02/11"
 
 [rule]
 author = ["Elastic"]
@@ -20,13 +20,13 @@ from = "now-9m"
 index = ["logs-o365.audit-*", "filebeat-*"]
 language = "kuery"
 license = "Elastic License v2"
-name = "M365 Teams Guest Access Enabled"
+name = "Deprecated - M365 Teams Guest Access Enabled"
 note = """## Triage and analysis
 
 > **Disclaimer**:
 > This investigation guide was created using generative AI technology and has been reviewed to improve its accuracy and relevance. While every effort has been made to ensure its quality, we recommend validating the content and adapting it to suit your specific environment and operational needs.
 
-### Investigating M365 Teams Guest Access Enabled
+### Investigating Deprecated - M365 Teams Guest Access Enabled
 
 Microsoft Teams allows organizations to collaborate with external users through guest access, facilitating communication and teamwork. However, adversaries can exploit this feature to gain persistent access to sensitive environments by enabling guest access without authorization. The detection rule monitors audit logs for specific configurations that indicate guest access has been enabled, helping identify unauthorized changes and potential security breaches.
 
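Review bot: The new `name` value `Deprecated - M365 Teams Guest Access Enabled` (and the matching rename in defense_evasion_teams_external_access_enabled.toml) marks the rule as retired without telling an operator what covers this behaviour afterwards. Neither the renamed heading nor the visible opening of `note` says why the rule is deprecated or which rule to enable in its place, so a tenant that relies on it could lose alerting on Teams guest or external access being switched on. If a successor exists, consider a line at the top of the guide such as `> **Deprecated**: superseded by <REPLACEMENT_RULE_NAME>; enable it before disabling this rule.` The `description` and the rest of `note` are outside the hunk, so this may already be covered there; `maturity = "production"` staying unchanged in the first hunk looks like a staged deprecation and is worth confirming.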