[DOCS] Prebuilt rules prerequisites: Update Release Notes and What's New in 8.4

docs/release-notes/8.4.asciidoc

@@ -35,6 +35,8 @@ There are no breaking changes in 8.4.0.
 * Adds an endpoint self-healing feature to roll back file changes and processes on Windows endpoints when a prevention alert is generated by enabled protection features.
 * Adds the ability to run query packs as live queries ({pull}132198[#132198]).
 * Provides support for process, file, and network events in Kubernetes. You must enable the session view data setting on your {endpoint-cloud-sec} integration policy to enrich these events with session data and Kubernetes metadata fields.
+* Adds new fields to prebuilt detection rules' schemas: `related_integrations`, `required_fields`, and `setup` ({pull}132409[#132409]).
+* Adds the *Related integrations*, *Required fields*, and *Setup guide* sections to the rule details page to help users identify and meet a rule's prerequisites. Also adds the related integrations badge to the Rules table ({pull}131475[#131475]).
 
 [discrete]
 [[bug-fixes-8.4.0]]

docs/whats-new.asciidoc

@@ -76,6 +76,15 @@ Wildcards are now supported when defining {security-guide}/detections-ui-excepti
 
 18 new {security-guide}/prebuilt-rules.html[prebuilt rules] were added in 8.4.0.
 
+*Prerequisites and setup guides for Elastic prebuilt rules*
+
+Elastic prebuilt rules now provide additional information to help you identify and meet their {security-guide}/rules-ui-management.html#rule-prerequisites[prerequisites]. You can confirm these requirements in the *Related integrations* and *Required fields* sections of a rule's details page, and consult its *Setup guide* for additional guidance.
+
+[role="screenshot"]
+image::whats-new/images/8.4/rule-details-prerequisites.png[Rule details page with Related integrations, Required fields, and Setup guide highlighted]
+
+NOTE: Content for these new sections is delivered in a prebuilt rules update, independent of {stack} release versioning.
+
 [discrete]
 == Response console for endpoint response actions
 
@@ -148,4 +157,12 @@ When {security-guide}//alerts-run-osquery.html[running a live query] from an ale
 [role="screenshot"]
 image::whats-new/images/8.4/osquery.png[Run a live query]
 
+[discrete]
+== Enhanced workflow for enabling host risk score
+
+Enabling {security-guide}/host-risk-score.html[host risk score] is now easier, with enhancements that guide you through the process and pre-populate the {kib} Dev Tools Console with the required scripts.
+
+[role="screenshot"]
+image::whats-new/images/8.4/host-risk-score-enable-dev-tools-wn.png[Enable host risk score in Dev Tools Console]
+
 // end::notable-highlights[]