diff --git a/x-pack/plugins/security_solution/public/common/utils/endpoint_alert_check.test.ts b/x-pack/plugins/security_solution/public/common/utils/endpoint_alert_check.test.ts
index ad0f7a254cf3f4..b085fe67d3814a 100644
--- a/x-pack/plugins/security_solution/public/common/utils/endpoint_alert_check.test.ts
+++ b/x-pack/plugins/security_solution/public/common/utils/endpoint_alert_check.test.ts
@@ -5,15 +5,27 @@
 * 2.0.
 */
+import _ from 'lodash';
+import { mockDetailItemData } from '../mock';
 import { endpointAlertCheck } from './endpoint_alert_check';
 describe('utils', () => {
- describe('endpoinAlertCheck', () => {
- it('should return true if detections data comes from an endpoint rule', () => {
- expect(endpointAlertCheck(mockData)).toBeTruthy();
- });
+ describe('endpointAlertCheck', () => {
 it('should return false if detections data does not come from endpoint rule', () => {
- expect(endpointAlertCheck(mockDataWithout)).toBeFalsy();
+ expect(endpointAlertCheck({ data: mockDetailItemData })).toBeFalsy();
+ });
+ it('should return true if detections data comes from an endpoint rule', () => {
+ _.remove(mockDetailItemData, function (o) {
+ return o.field === 'agent.type';
+ });
+ const mockEndpointDetailItemData = _.concat(mockDetailItemData, {
+ field: 'agent.type',
+ originalValue: 'endpoint',
+ values: ['endpoint'],
+ isObjectArray: false,
+ });
+
+ expect(endpointAlertCheck({ data: mockEndpointDetailItemData })).toBeTruthy();
 });
 });
 });
diff --git a/x-pack/plugins/security_solution/public/common/utils/endpoint_alert_check.ts b/x-pack/plugins/security_solution/public/common/utils/endpoint_alert_check.ts
index 1a74d60883fe23..e399cec0f3bbe8 100644
--- a/x-pack/plugins/security_solution/public/common/utils/endpoint_alert_check.ts
+++ b/x-pack/plugins/security_solution/public/common/utils/endpoint_alert_check.ts
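Review bot: In endpoint_alert_check.test.ts, the new 'should return true' case calls `_.remove(mockDetailItemData, …)`, which mutates the shared fixture imported from '../mock' in place, so any test that runs after it in this file sees a fixture with its `agent.type` entries stripped. Building a copy keeps the cases independent of order: `const withoutAgentType = mockDetailItemData.filter((o) => o.field !== 'agent.type');` followed by `_.concat(withoutAgentType, { … })`. The 'should return false' case also depends on whatever `agent.type` value the fixture happens to carry, which is not visible in this diff; constructing that entry explicitly with a non-endpoint value would make the negative case self-describing.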
@@ -9,6 +9,6 @@ import { find } from 'lodash/fp';
 import { TimelineEventsDetailsItem } from '../../../common/search_strategy';
 export const endpointAlertCheck = ({ data }: { data: TimelineEventsDetailsItem[] | null }) => {
- const findEndpointAlert = find({ category: 'agent', field: 'agent.type' }, data)?.values;
+ const findEndpointAlert = find({ field: 'agent.type' }, data)?.values;
 return findEndpointAlert ? findEndpointAlert[0] === 'endpoint' : false;
 };
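Review bot: With `category: 'agent'` dropped, `endpointAlertCheck` classifies an alert from the first item whose `field` is `agent.type`, and only from `values[0]`, yet nothing on the function records why the category constraint was removed or what the result is used for. A short TSDoc comment would cover it, for example `/** True when the event's agent.type is 'endpoint'; matched by field name only (detail items may lack a category — confirm). */`, together with an explicit `: boolean` return type. If `agent.type` can ever hold more than one value, `return findEndpointAlert?.includes('endpoint') ?? false;` avoids depending on value order. Since this runs in the browser on event data, it is best treated as a display hint, with any endpoint-specific action it enables still validated on the server.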