diff --git a/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml b/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml
index 002d067f57f..9b43b940301 100644
--- a/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml
+++ b/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/08/29"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 [rule]
 author = ["Elastic"]
@@ -25,7 +27,7 @@ timestamp_override = "event.ingested"
 type = "eql"
 query = '''
-configuration where event.dataset == "github.audit"
+configuration where event.dataset == "github.audit"
 and github.category == "protected_branch" and event.type == "change"
 '''
diff --git a/rules/integrations/github/execution_github_app_deleted.toml b/rules/integrations/github/execution_github_app_deleted.toml
index a147621f698..7bced445fa9 100644
--- a/rules/integrations/github/execution_github_app_deleted.toml
+++ b/rules/integrations/github/execution_github_app_deleted.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml b/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml
index 2fa66f01e28..1d14e096df7 100644
--- a/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml
+++ b/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 [rule]
 author = ["Elastic"]
@@ -29,8 +31,8 @@ timestamp_override = "event.ingested"
 type = "threshold"
 query = '''
-event.dataset:"github.audit" and event.category:"configuration" and event.action:"git.clone" and
-github.programmatic_access_type:("OAuth access token" or "Fine-grained personal access token") and
+event.dataset:"github.audit" and event.category:"configuration" and event.action:"git.clone" and
+github.programmatic_access_type:("OAuth access token" or "Fine-grained personal access token") and
 github.repository_public:false
 '''
diff --git a/rules/integrations/github/execution_github_ueba_multiple_behavior_alerts_from_account.toml b/rules/integrations/github/execution_github_ueba_multiple_behavior_alerts_from_account.toml
index b055bbe42af..aeefde947c4 100644
--- a/rules/integrations/github/execution_github_ueba_multiple_behavior_alerts_from_account.toml
+++ b/rules/integrations/github/execution_github_ueba_multiple_behavior_alerts_from_account.toml
@@ -1,7 +1,9 @@
 [metadata]
 creation_date = "2023/12/14"
 maturity = "production"
-updated_date = "2024/05/21"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/execution_new_github_app_installed.toml b/rules/integrations/github/execution_new_github_app_installed.toml
index 3333aed0dcd..10754ac939c 100644
--- a/rules/integrations/github/execution_new_github_app_installed.toml
+++ b/rules/integrations/github/execution_new_github_app_installed.toml
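Review bot: The `min_stack_comments` added in `execution_github_ueba_multiple_behavior_alerts_from_account.toml` cites the Github Integration, but this file's `[metadata]` declares no `integration` key, unlike the other GitHub rules touched here. The rule body is outside the hunk, so this is inferred, but if the rule correlates alerts raised by the other GitHub rules rather than reading integration data itself, the comment should say so, for example `min_stack_comments = "Depends on alerts from GitHub integration rules, which have a breaking change at 8.13.0."`. That keeps the reason for the stack floor traceable when someone investigates why this correlation rule is missing on an older stack.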
@@ -2,7 +2,9 @@
 creation_date = "2023/08/29"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/impact_github_repository_deleted.toml b/rules/integrations/github/impact_github_repository_deleted.toml
index 9e44a6d3a87..da383c6b1d6 100644
--- a/rules/integrations/github/impact_github_repository_deleted.toml
+++ b/rules/integrations/github/impact_github_repository_deleted.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/08/29"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/persistence_github_org_owner_added.toml b/rules/integrations/github/persistence_github_org_owner_added.toml
index ff3b80f0750..3046b5e72be 100644
--- a/rules/integrations/github/persistence_github_org_owner_added.toml
+++ b/rules/integrations/github/persistence_github_org_owner_added.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/09/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/persistence_organization_owner_role_granted.toml b/rules/integrations/github/persistence_organization_owner_role_granted.toml
index b2d9060a7f5..fae3507ce48 100644
--- a/rules/integrations/github/persistence_organization_owner_role_granted.toml
+++ b/rules/integrations/github/persistence_organization_owner_role_granted.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/09/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml b/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml
index 25f813764a4..1770c2048f7 100644
--- a/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml
+++ b/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml b/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml
index 41fc653de0f..f32685c206e 100644
--- a/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml
+++ b/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/08/19"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic", "@BenB196", "Austin Songer"]
diff --git a/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml b/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml
index 4720f87e525..bef0fbeec1c 100644
--- a/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml
+++ b/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/10"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml b/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml
index 85a526210bf..42472c51c66 100644
--- a/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml
+++ b/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/08"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
-min_stack_version = "8.14.0"
-updated_date = "2024/11/27"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
+min_stack_version = "8.15.0"
+updated_date = "2024/12/09"
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml
index 60db47af6d3..3b118d936c5 100644
--- a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml
+++ b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/06/17"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
-min_stack_version = "8.14.0"
-updated_date = "2024/11/27"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
+min_stack_version = "8.15.0"
+updated_date = "2024/12/09"
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml
index 516d6309b77..0f89ea844ff 100644
--- a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml
+++ b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/06/17"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
-min_stack_version = "8.14.0"
-updated_date = "2024/11/27"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
+min_stack_version = "8.15.0"
+updated_date = "2024/12/09"
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml b/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml
index a221d291841..c98a8ef41d7 100644
--- a/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml
+++ b/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/07/16"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml b/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml
index 71c0ac2de36..842d8fcac81 100644
--- a/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml
+++ b/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/18"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml b/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml
index 58407a95f08..b7192bba621 100644
--- a/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml
+++ b/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/06/17"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
-min_stack_version = "8.14.0"
-updated_date = "2024/11/27"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
+min_stack_version = "8.15.0"
+updated_date = "2024/12/09"
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml b/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml
index 9dffe4995e6..08bbd737342 100644
--- a/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml
+++ b/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml
@@ -2,9 +2,9 @@
 creation_date = "2022/01/05"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_user_impersonation_access.toml b/rules/integrations/okta/credential_access_user_impersonation_access.toml
index e10764d06e5..d9e191398dc 100644
--- a/rules/integrations/okta/credential_access_user_impersonation_access.toml
+++ b/rules/integrations/okta/credential_access_user_impersonation_access.toml
@@ -2,9 +2,9 @@
 creation_date = "2022/03/22"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml b/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml
index a393b4768d0..0830aefec4e 100644
--- a/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml
+++ b/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml b/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml
index 3c7dc064394..864ddf69f29 100644
--- a/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml
+++ b/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml b/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml
index 1bcd9cf4991..7feaeba1c62 100644
--- a/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml
+++ b/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/09/11"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml
index 66bba3713e4..5e2252f7d7f 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml
index 34e3219b7d6..01a7abedc81 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml
index 05dafd11bad..466d26faf82 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/28"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml
index 55872118829..3de8db3c817 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml
index 2dd141efcc8..65d4b557659 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml
index 981b9cb1840..c5160d23933 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml
index 3c5a20608a0..d77631d5d89 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml b/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml
index 5f1998261a0..bb2ca0b61da 100644
--- a/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml
+++ b/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/08/19"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic", "@BenB196", "Austin Songer"]
diff --git a/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml b/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml
index d2646e6596f..bcaec277d8a 100644
--- a/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml
+++ b/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml b/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml
index 82bd4f14fc3..8a5c7a5a910 100644
--- a/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml
+++ b/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml b/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml
index 58a590154ed..816c943f532 100644
--- a/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml
+++ b/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml b/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml
index 5b7b92872dd..79b5c489099 100644
--- a/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml
+++ b/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_possible_okta_dos_attack.toml b/rules/integrations/okta/impact_possible_okta_dos_attack.toml
index 7864c704eb2..6300d7e24df 100644
--- a/rules/integrations/okta/impact_possible_okta_dos_attack.toml
+++ b/rules/integrations/okta/impact_possible_okta_dos_attack.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml b/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml
index f68d2784119..b3bfe959584 100644
--- a/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml
+++ b/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml b/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml
index ac5998271b5..3db6e919e6f 100644
--- a/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml
+++ b/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml b/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml
index f3b4e496633..7b3bfb33839 100644
--- a/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml
+++ b/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/05/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Austin Songer"]
diff --git a/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml b/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml
index 6c45202679d..1dcfb9ddfb6 100644
--- a/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml
+++ b/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml
@@ -2,9 +2,9 @@
 creation_date = "2021/05/14"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic", "Austin Songer"]
diff --git a/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml b/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml
index f9efde51504..0eda4dd19c6 100644
--- a/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml
+++ b/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/18"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
-min_stack_version = "8.14.0"
-updated_date = "2024/11/27"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
+min_stack_version = "8.15.0"
+updated_date = "2024/12/09"
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml b/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml
index bf4051a5f23..7a76c2ed1e6 100644
--- a/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml
+++ b/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml b/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml
index 0cd943dc369..2da36ae59b4 100644
--- a/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml
+++ b/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/10/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml b/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml
index 296376af7ba..12c7bfaf265 100644
--- a/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml
+++ b/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml b/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml
index e12e60de510..df9e1757100 100644
--- a/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml
+++ b/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml b/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml
index 795b1d799f2..1b44c0779b2 100644
--- a/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml
+++ b/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml
@@ -3,9 +3,9 @@ creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
 promotion = true
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml b/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml
index 5347d0411a6..0260f558495 100644
--- a/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml
+++ b/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml b/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml
index 84a97457a26..65649731dde 100644
--- a/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml
+++ b/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml b/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml
index e7e70c32b17..babed655d21 100644
--- a/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml
+++ b/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml b/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml
index a07e9b1a236..a615d4a5740 100644
--- a/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml
+++ b/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml b/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml
index 096f3a12b77..0dcc92b337c 100644
--- a/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml
+++ b/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/20"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml b/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml
index de6588f3a8c..7e5928c730b 100644
--- a/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml
+++ b/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml b/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml
index 428a0f1902f..7373dae2b31 100644
--- a/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml
+++ b/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/07/01"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml b/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml
index e44251b069c..91fdc0a6283 100644
--- a/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml
+++ b/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/09"
 integration = ["endpoint", "okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/execution_github_new_event_action_for_pat.toml b/rules_building_block/execution_github_new_event_action_for_pat.toml
index 8e86a15d30d..e8ab2101ae1 100644
--- a/rules_building_block/execution_github_new_event_action_for_pat.toml
+++ b/rules_building_block/execution_github_new_event_action_for_pat.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/execution_github_new_repo_interaction_for_pat.toml b/rules_building_block/execution_github_new_repo_interaction_for_pat.toml
index 25d5e9b206d..af1fe749b4a 100644
--- a/rules_building_block/execution_github_new_repo_interaction_for_pat.toml
+++ b/rules_building_block/execution_github_new_repo_interaction_for_pat.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/execution_github_new_repo_interaction_for_user.toml b/rules_building_block/execution_github_new_repo_interaction_for_user.toml
index a0033b2f29f..5aabab32d3c 100644
--- a/rules_building_block/execution_github_new_repo_interaction_for_user.toml
+++ b/rules_building_block/execution_github_new_repo_interaction_for_user.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/execution_github_repo_created.toml b/rules_building_block/execution_github_repo_created.toml
index 8c023a636d7..40ab0a8d88b 100644
--- a/rules_building_block/execution_github_repo_created.toml
+++ b/rules_building_block/execution_github_repo_created.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/execution_github_repo_interaction_from_new_ip.toml b/rules_building_block/execution_github_repo_interaction_from_new_ip.toml
index 97798e99e58..46e625fe8c3 100644
--- a/rules_building_block/execution_github_repo_interaction_from_new_ip.toml
+++ b/rules_building_block/execution_github_repo_interaction_from_new_ip.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/impact_github_member_removed_from_organization.toml b/rules_building_block/impact_github_member_removed_from_organization.toml
index d50c75c9943..7153494eaa4 100644
--- a/rules_building_block/impact_github_member_removed_from_organization.toml
+++ b/rules_building_block/impact_github_member_removed_from_organization.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/impact_github_pat_access_revoked.toml b/rules_building_block/impact_github_pat_access_revoked.toml
index 125bafc4e7a..4dd48492420 100644
--- a/rules_building_block/impact_github_pat_access_revoked.toml
+++ b/rules_building_block/impact_github_pat_access_revoked.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/impact_github_user_blocked_from_organization.toml b/rules_building_block/impact_github_user_blocked_from_organization.toml
index 616ee8e05d0..60fb77cb60d 100644
--- a/rules_building_block/impact_github_user_blocked_from_organization.toml
+++ b/rules_building_block/impact_github_user_blocked_from_organization.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/initial_access_github_new_ip_address_for_pat.toml b/rules_building_block/initial_access_github_new_ip_address_for_pat.toml
index fd32b329841..173fa693fb1 100644
--- a/rules_building_block/initial_access_github_new_ip_address_for_pat.toml
+++ b/rules_building_block/initial_access_github_new_ip_address_for_pat.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/initial_access_github_new_ip_address_for_user.toml b/rules_building_block/initial_access_github_new_ip_address_for_user.toml
index 8fb34fae282..b9e80d855c5 100644
--- a/rules_building_block/initial_access_github_new_ip_address_for_user.toml
+++ b/rules_building_block/initial_access_github_new_ip_address_for_user.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/initial_access_github_new_user_agent_for_pat.toml b/rules_building_block/initial_access_github_new_user_agent_for_pat.toml
index 5c83c4e356c..de9956f7246 100644
--- a/rules_building_block/initial_access_github_new_user_agent_for_pat.toml
+++ b/rules_building_block/initial_access_github_new_user_agent_for_pat.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/initial_access_github_new_user_agent_for_user.toml b/rules_building_block/initial_access_github_new_user_agent_for_user.toml
index 5f709035392..15d3b4dfcf7 100644
--- a/rules_building_block/initial_access_github_new_user_agent_for_user.toml
+++ b/rules_building_block/initial_access_github_new_user_agent_for_user.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/persistence_github_new_pat_for_user.toml b/rules_building_block/persistence_github_new_pat_for_user.toml
index e30e32ef376..1e6f93f050b 100644
--- a/rules_building_block/persistence_github_new_pat_for_user.toml
+++ b/rules_building_block/persistence_github_new_pat_for_user.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/persistence_github_new_user_added_to_organization.toml b/rules_building_block/persistence_github_new_user_added_to_organization.toml
index 3442fa65025..70bec844ae0 100644
--- a/rules_building_block/persistence_github_new_user_added_to_organization.toml
+++ b/rules_building_block/persistence_github_new_user_added_to_organization.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]