diff --git a/release-notes/elastic-security/breaking-changes.md b/release-notes/elastic-security/breaking-changes.md index df8af02ec2..fb9c877c5b 100644 --- a/release-notes/elastic-security/breaking-changes.md +++ b/release-notes/elastic-security/breaking-changes.md @@ -22,8 +22,127 @@ Breaking changes can impact your Elastic applications, potentially disrupting no % **Action**
Steps for mitigating deprecation impact. % :::: +## 9.4.0 [elastic-security-940-breaking-changes] + +::::{dropdown} Entity Analytics: Risk scores reset after upgrading to 9.4 +Risk scoring is moving from name-based to ID-based scoring tied to the entity store. Historical name-based risk scores are not migrated to the new model. + +**Impact**
After upgrading to 9.4, all existing risk scores are cleared. The entity store initializes with a 3-hour lookback, so scored entity counts will be lower immediately after upgrade and will rebuild over time. Additionally, Identity Provider (IdP) user entities may not receive risk scores initially, as alerts do not yet map directly to IdP EUIDs. Local user and host entities are unaffected. + +**Action**
No action required to trigger the rebuild — it happens automatically. Plan for a warm-up period after upgrading before risk score dashboards return to their pre-upgrade state. + +For more information, check [#258197]({{kib-pull}}258197). +:::: + +::::{dropdown} Entity Analytics: Risk engine management APIs removed +The standalone risk engine is replaced by an entity maintainer integrated into the entity store. The following risk engine management API endpoint is removed: + +* `DELETE /api/risk_score/engine/dangerously_delete_data` + +**Impact**
Any scripts or automations using this endpoint will fail. + +**Action**
Remove references to this endpoint. Risk scoring is now managed through the entity store lifecycle. Refer to the Entity Store API documentation for the new endpoints. +% TODO: Add link to Entity Store API documentation when available. See https://github.com/elastic/docs-content-internal/issues/1100 +:::: + +::::{dropdown} Entity Analytics: Asset criticality values reset and CSV format changed after upgrading to 9.4 +Asset criticality storage is moving to the entity store. Historical values from the legacy index are not migrated to the new model. Additionally, the CSV upload format has changed: headers are now required, and uploading a CSV no longer creates new entities — entities must already exist in the entity store. + +**Impact**
Existing asset criticality assignments are not carried over after upgrading to 9.4. CSV files using the old headerless format will no longer work. + +**Action**
Re-assign asset criticality in 9.4 using the updated CSV format or the entity flyout. Update any CSV files to include the required header row before uploading. +:::: + +::::{dropdown} Entity Analytics: Privileged user monitoring replaced by watchlists +Privileged user monitoring is replaced by watchlists in 9.4. Historical privileged user assignments are not migrated to the new model. + +**Impact**
The privileged user monitoring UI and engine are removed. Existing privileged user configurations, including manual user lists and CSV uploads, are not carried over. + +**Action**
Recreate your privileged user tracking using watchlists. The default **Privileged Users** watchlist automatically pulls in administrative users from Active Directory and Okta integrations. +% TODO: Add link to Watchlist documentation when available: [Watchlists](/solutions/security/advanced-entity-analytics/watchlists.md). See https://github.com/elastic/docs-content/pull/5994 +:::: + +::::{dropdown} Entity Analytics: Privileged user monitoring APIs removed +All privileged user monitoring APIs are removed in 9.4. + +Removed with no equivalent: +* `POST /api/entity_analytics/monitoring/users` +* `GET /api/entity_analytics/monitoring/users/list` +* `PUT /api/entity_analytics/monitoring/users/{id}` +* `DELETE /api/entity_analytics/monitoring/users/{id}` +* `POST /api/entity_analytics/monitoring/users/_csv` +* `POST /api/entity_analytics/monitoring/engine/init` +* `POST /api/entity_analytics/monitoring/engine/disable` +* `DELETE /api/entity_analytics/monitoring/engine/delete` +* `POST /api/entity_analytics/privileged_user_monitoring/pad/install` +* `GET /api/entity_analytics/privileged_user_monitoring/pad/status` + +Replaced by watchlists equivalents: +* `POST .../monitoring/engine/schedule_now` → `POST /api/entity_analytics/watchlists/{watchlist_id}/sync` +* `.../monitoring/entity_source/...` → `/api/entity_analytics/watchlists/{watchlist_id}/entity_source/...` + +**Impact**
Any scripts or automations using these endpoints will fail. + +**Action**
Remove references to removed endpoints. For entity source management, update paths to use the watchlists-scoped equivalents. Refer to the [Entity Analytics API documentation]({{kib-apis}}/group/endpoint-security-entity-analytics-api). +:::: + +::::{dropdown} Entity store management and CRUD APIs removed +The entity store management and CRUD APIs are removed and replaced by an updated API surface available from 9.4. +For more information, check [#264679]({{kib-pull}}264679). + +Removed endpoints: +* `POST /api/entity_store/enable` +* `GET /api/entity_store/status` +* `POST /api/entity_store/engines/{entityType}/init` +* `POST /api/entity_store/engines/{entityType}/start` +* `POST /api/entity_store/engines/{entityType}/stop` +* `DELETE /api/entity_store/engines/{entityType}` +* `DELETE /api/entity_store/engines` +* `GET /api/entity_store/engines/{entityType}` +* `GET /api/entity_store/engines` +* `POST /api/entity_store/engines/apply_dataview_indices` +* `GET /api/entity_store/entities/list` +* `PUT /api/entity_store/entities/{entityType}` +* `POST /api/entity_store/entities/bulk` +* `DELETE /api/entity_store/entities/{entityType}` + +**Impact**
Any scripts or automations using these endpoints will fail after upgrading to 9.4. + +**Action**
Remove references to these endpoints. Refer to the Entity Store API documentation for information on new endpoints. +% TODO: Add link to Entity Store API documentation when available. See https://github.com/elastic/docs-content-internal/issues/1100 +:::: + +::::{dropdown} Entity store index structure has changed +In 9.4, the entity store consolidates all entity types into a single index per namespace, replacing the previous model where hosts, users, and services each had their own index. For more information, check [#251089]({{kib-pull}}251089). + +The old per-type index pattern (`.entities.v1.latest.security_{type}_`) is replaced by: + +* A single latest index: `.entities.v2.latest.security_-` +* A shared alias: `entities-latest-` +* History snapshot indices: `.entities.v2.history.security_.-` + +**Impact**
Any direct queries, dashboards, or integrations that reference the old per-type index patterns will fail after upgrading to 9.4. + +**Action**
Update direct index references to use the new shared alias. +:::: + +::::{dropdown} Entity Analytics: Entity identification in Explore/Entity flyout/Entity store +In 9.4, a fine-grained logical identifier has been introduced for user and host entities. In previous versions, user entities were identified by the `user.name` field and host entities were identified by the `host.name` field. This has been replaced by a priority ranking for hosts (`host.id` -> `host.name` -> `host.hostname`) and a user tiering identification which separates medium-confidence local users (i.e., a `user.name` associated with a particular `host.id`), from high-confidence IDP users found in integrations. + +**Impact**
User and Host entities which do not provide enough information to properly identify them will not be available in the entity store. These entities will only be visible through "observed" aggregation views within the entity flyout and Explore details pages, with no Entity Analytics processing done against them, such as entity risk scoring, resolution, or watchlists. Additionally, entities which _are_ properly identified and are in the entity store will no longer have a link available to the Explore details page for that entity. +:::: + +::::{dropdown} Removes serializer and deserializer parameters from the Lists API +Removes the unused `serializer` and `deserializer` parameters from the Lists API endpoints. +For more information, check [#250111]({{kib-pull}}250111). + +**Impact**
API requests that include `serializer` or `deserializer` parameters will return a deprecation warning header. The parameters are ignored. + +**Action**
Remove any `serializer` or `deserializer` parameters from your Lists API requests. +:::: + ## 9.3.2 [elastic-security-932-breaking-changes] -::::{dropdown} Removes `serializer` and `deserializer` parameters from the Lists API +::::{dropdown} Removes serializer and deserializer parameters from the Lists API Removes the unused `serializer` and `deserializer` parameters from the Lists API endpoints. For more information, check [#250111]({{kib-pull}}250111). @@ -33,7 +152,7 @@ For more information, check [#250111]({{kib-pull}}250111). :::: ## 9.2.7 [elastic-security-927-breaking-changes] -::::{dropdown} Removes `serializer` and `deserializer` parameters from the Lists API +::::{dropdown} Removes serializer and deserializer parameters from the Lists API Removes the unused `serializer` and `deserializer` parameters from the Lists API endpoints. For more information, check [#250111]({{kib-pull}}250111). diff --git a/release-notes/elastic-security/deprecations.md b/release-notes/elastic-security/deprecations.md index 3688535458..5a4adf0055 100644 --- a/release-notes/elastic-security/deprecations.md +++ b/release-notes/elastic-security/deprecations.md @@ -23,6 +23,37 @@ Review the deprecated functionality for {{elastic-sec}}. While deprecations have % **Action**
Steps for mitigating deprecation impact. % :::: +## 9.4.0 [elastic-security-9.4.0-deprecations] + +::::{dropdown} Entity Analytics: Asset Criticality APIs deprecated +The dedicated Asset Criticality APIs are deprecated in 9.4 and replaced by the Entity Store CRUD APIs. + +Deprecated endpoints: +* `DELETE /api/asset_criticality` +* `POST /api/asset_criticality` +* `GET /api/asset_criticality` +* `GET /api/asset_criticality/list` + +**Impact**
These endpoints will continue to work in 9.4 but will be removed in a future release. + +**Action**
Migrate to the equivalent Entity Store APIs. + +For more information, check [#258440]({{kib-pull}}258440). +% TODO: Add link to Entity Store API documentation when available. See https://github.com/elastic/docs-content-internal/issues/1100 +:::: + +::::{dropdown} Removes the Threat Hunting Agent from Agent Builder +Removes the built-in Threat Hunting Agent from Agent Builder. Security AI workflows now use the Elastic AI Agent with Security skills, which is the default experience in 9.4.0. +For more information, refer to [#263996]({{kib-pull}}263996). + +**Impact**
Conversations stored with the Threat Hunting Agent will no longer appear in the conversation list and cannot be continued from the UI. No automatic migration is planned. + +:::: + +::::{dropdown} Deprecates Enable CCS Warning Privileges in Kibana advanced settings +Deprecates the `Enable CCS Warning Privileges` setting in {{kib}} **Advanced settings**. For more information, refer to [#252183]({{kib-pull}}252183). +:::: + ## 9.1.0 [elastic-security-9.1.0-deprecations] ::::{dropdown} Removes default quick prompts diff --git a/release-notes/elastic-security/index.md b/release-notes/elastic-security/index.md index cd477ba200..301b5a8486 100644 --- a/release-notes/elastic-security/index.md +++ b/release-notes/elastic-security/index.md 
@@ -27,6 +27,185 @@ To check for security updates, go to [Security announcements for the Elastic sta % * +## 9.4.0 [elastic-security-9.4.0-release-notes] + +### Features and enhancements [elastic-security-9.4.0-features-enhancements] + +* Reorganizes the {{elastic-sec}} classic navigation to group **Get started**, **Value Report**, and migration-related items under a **Launchpad** section [#260429]({{kib-pull}}260429). +* Adds a new **Overview** tab to the rule details page [#251662]({{kib-pull}}251662). +* Adds an improved rule execution results table to the **Execution Results** tab on the rule details page (behind the `newExecutionResultsTableEnabled` feature flag), showing execution status, timestamp, duration, gap info, and other key metrics, with sorting, pagination, and a per-execution detail flyout [#259105]({{kib-pull}}259105). +* Adds a **Rule Monitoring Overview** panel to the **Rule Monitoring** tab, showing a summary of rule execution statuses and gap fill status breakdowns [#252327]({{kib-pull}}252327). +* Adds a gap detection scope section to **Rule Settings**, allowing you to control which gap reasons (such as rule-disabled gaps) are included in gap monitoring and auto-fill. Adds reason-based filtering to the gap table and **Bulk Fill** modal [#260095]({{kib-pull}}260095). +* Adds a new `error` gap fill status for the gap auto-fill scheduler [#259130]({{kib-pull}}259130). +* Adds `matched_indices_count` and `matched_indicator_indices_count` rule execution metrics [#259938]({{kib-pull}}259938). +* Adds an `alerts_candidate_count` rule execution metric [#259917]({{kib-pull}}259917). +* Adds high-level rule execution info logging [#253992]({{kib-pull}}253992). +* Adds UI for identifying and managing deprecated prebuilt detection rules, including a dismissable callout on the rules table page and a callout on the rule details page with actions to delete or duplicate-and-delete deprecated rules [#259673]({{kib-pull}}259673). 
+* Updates MITRE ATT&CK mappings to `v18.1` [#246770]({{kib-pull}}246770). +* Adds new RBAC subfeatures for rules management, allowing granular control over investigation guide editing, custom highlighted fields, enabling/disabling rules, manual rule runs, and rules management settings independently of read-only rules access [#250131]({{kib-pull}}250131). +* Adds an **Exceptions** RBAC subfeature to the Rules privilege, allowing you to grant exception list management independently of rules read/write access [#245722]({{kib-pull}}245722). +* Adds a dedicated **Alerts** {{kib}} feature privilege, separating alert view and edit access from rules management. Alert read/edit can now be granted independently of rules privileges [#244637]({{kib-pull}}244637). +* Adds an Agent Builder skill for querying Security {{ml}} jobs for {{anomaly-detect}} questions [#254908]({{kib-pull}}254908). +* Automatically injects `METADATA _id` into {{esql}} detection rule queries during execution, removing the requirement for you to include it manually. A non-blocking warning is shown when automatic injection is not possible [#254703]({{kib-pull}}254703). +* Adds an Agent Builder skill for creating detection rules [#247674]({{kib-pull}}247674). +* Adds validation for Indicator Match rules' `threat_index` parameter, so rules enter a partial failure state with a warning when no matching threat indices are found, matching the behavior of the `index` parameter [#256353]({{kib-pull}}256353). +* Adds a new initialization API endpoint for the exception list index creation flow [#258891]({{kib-pull}}258891). +* Enables search in the **JSON** tab of the Security Solution alert flyout, matching the behavior of the Discover document flyout [#263875]({{kib-pull}}263875). +* Adds a callout and badge to the visual event analyzer in the alert details flyout to indicate when cold and frozen data tiers are excluded from analyzer queries [#257015]({{kib-pull}}257015). 
+* Adds an advanced setting to exclude cold and frozen data tiers from prevalence queries in the alert details flyout, improving load performance [#257011]({{kib-pull}}257011). +* Adds a **Run workflow** action to the alerts table for both individual alert rows and bulk selections [#252405]({{kib-pull}}252405). +* Allows you to define custom alert closing reasons in **Advanced settings** [#253127]({{kib-pull}}253127). +* Improves Attack Discovery accuracy by automatically verifying and filtering out discoveries that contain hallucinated (non-existent) alert IDs [#247965]({{kib-pull}}247965). +* Makes the Attack Discovery and Attack Discovery Schedules APIs generally available [#246788]({{kib-pull}}246788). +* Gives Automatic Migration its own dedicated **Migrations** page and navigation entry, moving the migration creation flow out of the **Get started** page [#260379]({{kib-pull}}260379). +* Adds support for importing and parsing Splunk v2 (JSON-format) dashboards in Automatic Migration [#251199]({{kib-pull}}251199), [#253970]({{kib-pull}}253970). +* Excludes QRadar building-block rules from Automatic Migration eligibility and improves the XML upload UX [#250558]({{kib-pull}}250558). +* Updates the `fast-xml-parser` package dependency to version 5.3.4 [#251644]({{kib-pull}}251644). +* Changes the default chat experience in {{elastic-sec}} and Elastic {{observability}} contexts to AI Agent. A one-time announcement explains the change and allows you to return to the classic AI Assistant from **GenAI Settings**. The dismissal state is remembered per space [#260570]({{kib-pull}}260570). +* Adds an anonymization profiles UI under **{{stack-manage-app}} → GenAI Settings → Anonymization**, with support for field rules, regex rules, and Named Entity Recognition (NER) rules, backed by the anonymization platform service foundation [#256246]({{kib-pull}}256246), [#252616]({{kib-pull}}252616). 
+* Adds an **Add to chat** button on the rule details, rule editing, and alert flyout rule preview pages, allowing you to attach any detection rule to AI Agent for exploration and analysis [#253043]({{kib-pull}}253043). +* Adds an option to provide a closing reason when closing a case, which is synced to the associated alerts when the alert-sync toggle is enabled [#254603]({{kib-pull}}254603). +* Adds a **Status** column and disables the **Select** button for closed cases in the **Add to existing case** modal, preventing you from adding alerts to a closed case [#260990]({{kib-pull}}260990). +* Consolidates Entity Risk Score, Asset Criticality, and Entity Store engine status management into a single **Entity Analytics** management page with tabbed navigation and a unified enable/disable toggle [#255009]({{kib-pull}}255009). +* Updates the asset criticality CSV upload UI to use the v2 upload API [#260102]({{kib-pull}}260102). +* Adds an asset criticality v2 CSV upload API [#259386]({{kib-pull}}259386). +* Adds resolution grouping as the default grouping option in the Entity Analytics data grid. Grouped entities display the target entity name, entity count, and risk score [#258892]({{kib-pull}}258892). +* Adds a manual entity resolution UI to the entity details flyout, allowing you to create and manage resolution groups that link multiple entity records representing the same real-world identity [#260162]({{kib-pull}}260162). +* Adds entity resolution CSV upload support, including a backend API and UI [#260006]({{kib-pull}}260006). +* Introduces Entity Threat Hunting on the **Entity Analytics** page, surfacing prioritized investigation leads based on behavioral observations, risk scoring, and temporal state analysis with Agent Builder integration for guided investigation. Adds the **Entity Threat Hunting** leads cards, a **See All** flyout, and a lead provenance flyout [#257610]({{kib-pull}}257610). 
+* Introduces the Entity Threat Hunting backend infrastructure, including the feature flag, shared types and index templates, observation module interface, Risk and Temporal State modules, behavioral observation modules, entity retrieval and enrichment, API routes, `LeadDataClient`, async lead generation, and an automated email-based entity resolution maintainer [#255272]({{kib-pull}}255272), [#256156]({{kib-pull}}256156), [#256270]({{kib-pull}}256270), [#256628]({{kib-pull}}256628), [#257046]({{kib-pull}}257046), [#257479]({{kib-pull}}257479). +* Allows user and host details flyouts to open while observed data is loading [#252657]({{kib-pull}}252657). +* Adds an Entity Analytics Agent Builder skill for answering risk score and entity risk questions [#252400]({{kib-pull}}252400). +* Adds a `communicates_with` entity relationship maintainer for Entity Store v2, populating user entity relationship data based on cloud API and MDM activity from {{aws}} CloudTrail, Azure Sign-in Logs, Okta System Logs, and Jamf Pro [#258656]({{kib-pull}}258656). +* Adds a namespace ID filter to **Advanced settings** for filtering Entity Store entities by namespace [#247733]({{kib-pull}}247733). +* Enables showing entity relationships from the entity node context menu in the graph visualization [#252803]({{kib-pull}}252803). +* Adds support for fetching entity relationships from the Entity Graph API [#251178]({{kib-pull}}251178). +* Prepares the monitoring entity source CRUD APIs for general availability of privileged user monitoring [#246978]({{kib-pull}}246978). +* Adds reusability support for the {{gcp}} cloud connector [#253093]({{kib-pull}}253093). +* Filters the cloud connector selector to show only connectors matching both the policy's cloud provider and account type (`single-account` or `organization-account`) [#250107]({{kib-pull}}250107). 
+* Adds a unified Osquery **History** table that combines live and scheduled query results with cursor-based pagination, source filtering, a date range picker, and routing to scheduled execution details [#256917]({{kib-pull}}256917). +* Persists Osquery **History** page filters (search text, source filter, date range) in session storage so they are restored when navigating between tabs and detail pages within the same browser session [#260891]({{kib-pull}}260891). +* Adds URL parameter support to the Osquery **History** page, enabling deep-linking to filtered history views [#257895]({{kib-pull}}257895). +* Adds a scheduled execution details page and API for Osquery [#257118]({{kib-pull}}257118). +* Adds a unified results details table for Osquery (behind the `osqueryUnifiedDataTable` feature flag) with a KQL search bar, document detail flyout, drag-and-drop column reordering, density controls, and full-screen mode [#257627]({{kib-pull}}257627). +* Enables dynamic schema loading for Osquery: table and ECS field schemas are now fetched at runtime from the installed `osquery_manager` integration package, keeping autocomplete and ECS mapping data in sync with the installed integration version [#258833]({{kib-pull}}258833). +* Adds the ability to duplicate Osquery saved queries and packs, and adds a row action menu with **Edit**, **Duplicate**, and **Delete** actions to the saved queries and packs list tables [#252517]({{kib-pull}}252517). +* Moves Endpoint exceptions from the **Shared exception lists** and **Rules** pages to the **Endpoint Artifacts** page, separating them from rule exceptions. Adds an opt-in for per-policy Endpoint exception assignment and adds export/import functionality to all Endpoint artifacts [#260983]({{kib-pull}}260983). +* Adds the `linux.advanced.ransomware.diagnostic` advanced {{elastic-defend}} policy flag in preparation for Linux ransomware protection support [#260538]({{kib-pull}}260538). 
+* Adds a script library for creating and managing scripts for use with the `runscript` response action on {{elastic-defend}}-protected hosts [#258400]({{kib-pull}}258400). +* Adds `runscript` response action support to {{elastic-defend}}. +* Improves {{elastic-defend}} by automatically enabling the required Windows security audit policies, ensuring the endpoint can collect the telemetry those policies control. Disabled by default; enable using an advanced policy flag. +* Adds a `memory-dump` response action to {{elastic-defend}} on Linux. +* Adds process event tracking for `ptrace`, shared memory, `memfd`, and module-load operations to {{elastic-defend}} on Linux. +* Adds the YARA rule name to the `message` field for {{elastic-defend}} file alerts. +* Improves {{elastic-defend}} support for x64 symbol resolution on Windows on ARM64. +* Extends {{elastic-defend}} device control to Windows Portable Devices. +* Improves the reliability of {{elastic-defend}}'s malware-on-write detection. +* Improves {{elastic-defend}} behavioral protection performance by unloading rules that are fully covered by simple exception or trust entries, preventing CPU usage from evaluating events against those rules. +* Further reduces {{elastic-defend}} behavioral protection CPU usage for trusted applications. +* Adds ransomware protection to {{elastic-defend}} on macOS. Turned off by default; turn on using the `mac.ransomware.mode` advanced policy setting. + + + +### Fixes [elastic-security-9.4.0-fixes] + +* Fixes an issue where detection engine gap errors were classified as non-user errors, which caused gap-only rule failures to count against SLO dashboards [#263244]({{kib-pull}}263244). +* Fixes an issue where disabled detection rules could appear stuck in a "running" state after a {{kib}} crash [#262374]({{kib-pull}}262374). +* Extends the query execution timeout to 24 hours [#262008]({{kib-pull}}262008). 
+* Fixes an issue where duplicate toolbars appeared on the detection rule monitoring dashboard [#261846]({{kib-pull}}261846). +* Fixes an issue where the search bar on the **Alerts** tab of the rule details page overlapped the alerts table in full screen mode [#260315]({{kib-pull}}260315). +* Removes Endpoint List bootstrap calls from rule-related routes [#258266]({{kib-pull}}258266). +* Fixes out-of-memory crashes and {{kib}} restarts caused by the gap auto-fill scheduler creating excessively large saved objects for rules with short intervals and long gaps [#254788]({{kib-pull}}254788). +* Fixes an issue where the legacy `rules/prepackaged` endpoints returned 500 errors on Basic licenses when processing prebuilt rule packages that include {{ml}} rules [#253574]({{kib-pull}}253574). +* Improves the performance of bulk rule deletion [#253116]({{kib-pull}}253116). +* Fixes responsiveness issues on the rule details **Overview** tab [#252890]({{kib-pull}}252890). +* Fixes an issue where detection rules APIs didn't properly validate endpoint response actions [#251352]({{kib-pull}}251352). +* Removes the Technical Preview badge from the privileged access detection package [#249500]({{kib-pull}}249500). +* Improves the stability of the **Add Elastic rules** page on deployments with low RAM configurations [#248259]({{kib-pull}}248259). +* Fixes an issue where the rule summary button was enabled for users who lacked the full set of required rule privileges [#248221]({{kib-pull}}248221). +* Fixes an issue where the gap fill scheduler logs flyout did not display tooltips for status tags [#247695]({{kib-pull}}247695). +* Fixes an issue where the rule settings pop-up remained open after clicking **Save** when enabling or disabling auto gap fill [#247678]({{kib-pull}}247678). +* Fixes a display issue with filters on the **MITRE ATT&CK® coverage** page [#246794]({{kib-pull}}246794). 
+* Fixes a race condition in the query bar filter when the {{data-source}} was being created asynchronously [#261523]({{kib-pull}}261523). +* Fixes an issue where the required fields component showed a false positive warning [#261830]({{kib-pull}}261830). +* Fixes an issue in EQL rule creation where the query field did not re-validate after changing the index pattern, leaving stale errors on screen even when the query was valid for the newly selected {{data-source}} [#261027]({{kib-pull}}261027). +* Fixes incorrect alert counting for indicator match detection rules when a page of source documents matches no indicators, so max-alerts warnings display correctly [#259199]({{kib-pull}}259199). +* Fixes an issue where {{esql}} rule execution did not apply data tier exclusion filters to the source document enrichment query, potentially querying excluded cold and frozen tiers [#255341]({{kib-pull}}255341). +* Fixes EQL sequence document merging to treat dot notation and nested notation as equivalent [#254830]({{kib-pull}}254830). +* Adds integration test coverage for {{esql}} rule execution logic [#252936]({{kib-pull}}252936). +* Fixes an accessibility issue with the ARIA announcement in the **Add exception list** dialog [#250624]({{kib-pull}}250624). +* Fixes an issue where the `os_types` field was not saved when creating an exception list [#250279]({{kib-pull}}250279). +* Fixes an issue where backslashes were removed when typed in exception field values [#250117]({{kib-pull}}250117). +* Fixes an issue where shared exception list entries showed the list ID instead of the list name [#249778]({{kib-pull}}249778). +* Updates the icon that is shown when alert suppression is not available because of insufficient license [#247964]({{kib-pull}}247964). +* Truncates long text in the **Value** column in the value list modal [#246679]({{kib-pull}}246679). 
+* Removes Beta labels and badges from the AI Agent chat experience, including the chat selection card, announcement modal, advanced settings value, and Elastic {{observability}} opt-in tour [#264200]({{kib-pull}}264200). +* Suppresses the AI Agent announcement modal in automated browser sessions by checking `navigator.webdriver`, so synthetic monitors and end-to-end tests are not affected [#263785]({{kib-pull}}263785). +* Updates the copy in the AI Agent announcement modal [#263034]({{kib-pull}}263034). +* Fixes an issue where the Agent Builder sidebar did not open when navigating directly to rule creation [#262588]({{kib-pull}}262588). +* Removes the AI Assistant prefill behavior to ensure compatibility with Claude Sonnet 4.6 and Opus 4.6 [#255740]({{kib-pull}}255740). +* Enables the `defaultModel` setting for the Azure OpenAI connector to support APIM endpoints [#253577]({{kib-pull}}253577). +* Adds a `region` field to the Amazon Bedrock connector [#252960]({{kib-pull}}252960), [#252956]({{kib-pull}}252956). +* Fixes accessibility issues in the Security AI Assistant confirm delete modal [#251962]({{kib-pull}}251962). +* Adds optional field indicators to the OpenAI connector configuration [#251857]({{kib-pull}}251857). +* Fixes an accessibility issue with a missing label in the Security AI Assistant flyout [#251656]({{kib-pull}}251656). +* Fixes the `spaceId` handling in Agent Builder security tools [#251513]({{kib-pull}}251513). +* Fixes an issue in the Security AI Assistant where the **Add connector** button was incorrectly grayed out for users with permission to create connectors [#250921]({{kib-pull}}250921). +* Fixes an issue where the Security AI Assistant chat completion API didn't use an associated conversation's system prompt [#248020]({{kib-pull}}248020). +* Replaces a deprecated icon in the UI [#251930]({{kib-pull}}251930). 
+* Fixes a Firefox scroll position jump that occurred when hovering field rows with cell actions in the **Table** tab of the alert details flyout [#262682]({{kib-pull}}262682). +* Fixes an issue where alert KPI counts were rendered with incorrect whitespace [#260803]({{kib-pull}}260803). +* Fixes an issue where the alert details flyout persisted after navigating away from {{elastic-sec}} [#256001]({{kib-pull}}256001). +* Fixes an issue where alert flyout section expansion state in local storage did not honor all saved values [#251999]({{kib-pull}}251999). +* Fixes an issue where the **Threat intelligence** section in the alert details flyout didn't display multiple values [#245449]({{kib-pull}}245449). +* Fixes a denial-of-service risk in Timeline bulk export by validating the number of Timeline IDs (up to 1,000), deduplicating IDs, and bounding enrichment work [#260265]({{kib-pull}}260265). +* Fixes an issue where Timeline bulk deletion did not work correctly [#260206]({{kib-pull}}260206). +* Fixes an issue where notes not associated with a saved Timeline could appear on the **Notes** tab while investigating in Timeline, including for draft Timelines [#259658]({{kib-pull}}259658). +* Adds support for timestamp overrides to Timeline at the {{data-source}} level, allowing Timeline to use the {{data-source}}'s configured timestamp field instead of `@timestamp` [#251827]({{kib-pull}}251827). +* Fixes an issue where the **Comprehensive File Timeline** template filters combined with OR logic instead of AND [#251242]({{kib-pull}}251242). +* Fixes an issue where delete actions on notes were not restricted for read-only users and improves the related error message [#247617]({{kib-pull}}247617). +* Fixes an issue where deleting a note in the Timelines table did not update the UI [#249777]({{kib-pull}}249777). +* Fixes incorrect pagination display in the **Notes** tab that showed "1-0 of 0" when no notes existed [#248481]({{kib-pull}}248481). 
+* Fixes notes filtering logic to correctly show notes attached to alerts, events, and timelines [#248110]({{kib-pull}}248110). +* Fixes an issue where the `createdBy` field in the notes filter didn't use exact matching [#247351]({{kib-pull}}247351). +* Fixes an issue where the visual event analyzer preview could fetch data with incorrect indices before the {{data-source}} was fully loaded [#255400]({{kib-pull}}255400). +* Fixes an issue where visual event analyzer queries could return cached results for incorrect indices [#255396]({{kib-pull}}255396). +* Fixes an issue where the visual event analyzer did not display in the alert details flyout in certain {{data-source}} configurations [#255182]({{kib-pull}}255182). +* Fixes an issue where the visual event analyzer rendered before the {{data-source}} was ready [#245712]({{kib-pull}}245712). +* Fixes an issue where Attack Discovery schedules failed to run due to internal Elastic Managed LLM connector changes [#249891]({{kib-pull}}249891). +* Fixes an issue where tabs were visible for generic attack groups in Attack Discovery [#248444]({{kib-pull}}248444). +* Fixes an issue where Attack Discovery incorrectly classified the "Security AI Anonymization settings configured to not allow any fields" message as a system error instead of a user error [#248439]({{kib-pull}}248439). +* Changes the placement of **Migrations** and **Inventory** items in the {{elastic-sec}} navigation menu [#247002]({{kib-pull}}247002). +* Improves Automatic Migration performance by reducing the number of {{es}} calls when updating field mappings [#252431]({{kib-pull}}252431). +* Fixes an Automatic Migration issue where failed rules appeared in non-failed status filters [#252263]({{kib-pull}}252263). +* Fixes the **Get started** page visibility for users with read-only privileges for rules [#247355]({{kib-pull}}247355). 
+* Fixes an issue where the last event ingested metric pulled from an incorrect scope and too few indices [#262346]({{kib-pull}}262346). +* Fixes Entity Store install API parameter validation [#252366]({{kib-pull}}252366). +* Fixes an issue where the privileged user monitoring table didn't refresh alert data when the time range changed [#250618]({{kib-pull}}250618). +* Fixes an issue where index updates failed due to an invalid API payload [#250758]({{kib-pull}}250758). +* Fixes an issue where the CSV export in Entity Analytics displayed an incorrect user count [#249032]({{kib-pull}}249032). +* Fixes an issue where entity user and host names were not escaped in URLs, which resulted in invalid URLs [#247707]({{kib-pull}}247707). +* Fixes an issue where special characters in {{esql}} queries for risk scoring were not handled correctly [#247060]({{kib-pull}}247060). +* Fixes an issue where the **Entity summary** section in the entity details flyout showed incorrect vulnerabilities data [#246889]({{kib-pull}}246889). +* Updates Active Directory matchers to use SID-based privileged groups for privileged user monitoring [#246763]({{kib-pull}}246763). +* Fixes an issue where Monaco editor autocomplete suggestions appeared behind modals and flyouts in the Osquery editor [#259558]({{kib-pull}}259558). +* Fixes an issue where prebuilt Osquery packs displayed a numeric user ID instead of a username in the **Created by** column on ECH deployments [#261115]({{kib-pull}}261115). +* Adds {{ccs-cap}} ({{ccs-init}}) support to Osquery search queries [#260518]({{kib-pull}}260518). +* Standardizes and persists the rows-per-page preference across Osquery tabs [#253499]({{kib-pull}}253499). +* Fixes URL parameter handling in the Osquery history page [#250469]({{kib-pull}}250469). +* Fixes CrowdStrike `runscript` response actions to correctly display script output (stdout/stderr) in the **Response Console** and **Action History** views [#262470]({{kib-pull}}262470). 
+* Returns an error when you submit a malware scan job while malware protection is not enabled [#255597]({{kib-pull}}255597). +* Fixes a memory leak in {{elastic-defend}} related to path normalization, introduced in 9.3.0. +* Fixes a bug in {{elastic-defend}} that could delay uninstall by up to 30 seconds in some configurations. +* Improves {{elastic-defend}} on Linux to detect and report when the service fails to start. +* Fixes a {{elastic-defend}} Kafka output issue by handling transient or invalid metadata responses with fallback to broker-selected partitioning, preventing a divide-by-zero error. +* Updates {{elastic-defend}} Linux BPF probes to support kernels with lazy preemption enabled. +* Fixes an issue where {{elastic-defend}} did not correctly honor the `ignored_filesystems` setting when a filesystem was detected. +* Fixes an issue that would cause hotfix builds of {{elastic-defend}} to incorrectly report their version in Windows Security Center. +* Fixes a bug in version 9.3.0 of {{elastic-defend}} that resulted in the Windows Security Center status page showing an error. +* Fixes an issue where `user.name` and `group.name` fields were missing from {{elastic-defend}} events in some LDAP environments. +* Fixes an issue where {{elastic-defend}} on Windows could log a warning about "Quarantine directory failed validation due to ACL or file attribute change" for empty removable media drives such as optical drives. +* Fixes an issue in {{elastic-defend}} that could cause the system to lock up for up to several minutes during {{elastic-defend}} uninstallation or upgrade. ## 9.3.4 [elastic-security-9.3.4-release-notes]
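Review bot: the {{elastic-defend}} `ignored_filesystems` entry ("did not correctly honor the `ignored_filesystems` setting when a filesystem was detected") does not say under what condition the setting was ignored, so readers cannot tell whether their deployment was affected; suggest naming the trigger (for example, whether detection at mount time or at service start is what the fix covers, whichever applies). Two earlier entries are similarly hard to act on: "Fixes the `spaceId` handling in Agent Builder security tools" and "Fixes an issue where index updates failed due to an invalid API payload" name neither the visible symptom nor which index updates were failing. The Timeline bulk export entry states the 1,000-ID limit but not what a caller receives when the limit is exceeded, which automation authors need in order to handle it, and the Active Directory matchers entry should state whether groups that were previously matched by name are still matched after the switch to SID-based privileged groups.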