diff --git a/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml b/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml index 002d067f5..9b43b9403 100644 --- a/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml +++ b/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml @@ -2,7 +2,9 @@ creation_date = "2023/08/29" integration = ["github"] maturity = "production" -updated_date = "2024/12/09" +updated_date = "2024/12/10" +min_stack_version = "8.13.0" +min_stack_comments = "Breaking change at 8.13.0 for the Github Integration." [rule] author = ["Elastic"] @@ -25,7 +27,7 @@ timestamp_override = "event.ingested" type = "eql" query = ''' -configuration where event.dataset == "github.audit" +configuration where event.dataset == "github.audit" and github.category == "protected_branch" and event.type == "change" ''' diff --git a/rules/integrations/github/execution_github_app_deleted.toml b/rules/integrations/github/execution_github_app_deleted.toml index a147621f6..7bced445f 100644 --- a/rules/integrations/github/execution_github_app_deleted.toml +++ b/rules/integrations/github/execution_github_app_deleted.toml @@ -2,7 +2,9 @@ creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/12/09" +updated_date = "2024/12/10" +min_stack_version = "8.13.0" +min_stack_comments = "Breaking change at 8.13.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml b/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml index 2fa66f01e..1d14e096d 100644 --- a/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml +++ b/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml 
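Review bot: The added `min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."` in the first hunk records that a version floor exists but not what broke, so a later reader cannot tell which fields the rule now depends on or whether the floor can ever be relaxed. The same wording is repeated in every GitHub metadata hunk of this commit, and the Okta hunks make the same move from 8.14.0 to 8.15.0. Because these rules cover branch-protection changes, organization owner grants and MFA bypass attempts, I would name the integration package version or field change behind the floor, for example `min_stack_comments = "<integration package version> changed <field or mapping>; rule requires stack 8.13.0 or later."` with the placeholders filled in. It would also help if the commit description said what deployments below the new floor continue to receive, if anything.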
@@ -2,7 +2,9 @@ creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/12/09" +updated_date = "2024/12/10" +min_stack_version = "8.13.0" +min_stack_comments = "Breaking change at 8.13.0 for the Github Integration." [rule] author = ["Elastic"] @@ -29,8 +31,8 @@ timestamp_override = "event.ingested" type = "threshold" query = ''' -event.dataset:"github.audit" and event.category:"configuration" and event.action:"git.clone" and -github.programmatic_access_type:("OAuth access token" or "Fine-grained personal access token") and +event.dataset:"github.audit" and event.category:"configuration" and event.action:"git.clone" and +github.programmatic_access_type:("OAuth access token" or "Fine-grained personal access token") and github.repository_public:false ''' diff --git a/rules/integrations/github/execution_github_ueba_multiple_behavior_alerts_from_account.toml b/rules/integrations/github/execution_github_ueba_multiple_behavior_alerts_from_account.toml index b055bbe42..aeefde947 100644 --- a/rules/integrations/github/execution_github_ueba_multiple_behavior_alerts_from_account.toml +++ b/rules/integrations/github/execution_github_ueba_multiple_behavior_alerts_from_account.toml @@ -1,7 +1,9 @@ [metadata] creation_date = "2023/12/14" maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/12/10" +min_stack_version = "8.13.0" +min_stack_comments = "Breaking change at 8.13.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules/integrations/github/execution_new_github_app_installed.toml b/rules/integrations/github/execution_new_github_app_installed.toml index 3333aed0d..10754ac93 100644 --- a/rules/integrations/github/execution_new_github_app_installed.toml +++ b/rules/integrations/github/execution_new_github_app_installed.toml 
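Review bot: In execution_github_ueba_multiple_behavior_alerts_from_account.toml the added `min_stack_comments` attributes the floor to the Github Integration, yet the `[metadata]` table, which this hunk shows in full, has no `integration` key, unlike the other GitHub rules in this commit. If the floor is set only to keep this rule in step with the GitHub rules it presumably builds on, the comment should say that, e.g. `min_stack_comments = "Kept in step with the GitHub integration rules, which require 8.13.0."`. If the rule does read integration data directly, the missing `integration = ["github"]` deserves a separate look.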
@@ -2,7 +2,9 @@
 creation_date = "2023/08/29"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/impact_github_repository_deleted.toml b/rules/integrations/github/impact_github_repository_deleted.toml
index 9e44a6d3a..da383c6b1 100644
--- a/rules/integrations/github/impact_github_repository_deleted.toml
+++ b/rules/integrations/github/impact_github_repository_deleted.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/08/29"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/persistence_github_org_owner_added.toml b/rules/integrations/github/persistence_github_org_owner_added.toml
index ff3b80f07..3046b5e72 100644
--- a/rules/integrations/github/persistence_github_org_owner_added.toml
+++ b/rules/integrations/github/persistence_github_org_owner_added.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/09/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/persistence_organization_owner_role_granted.toml b/rules/integrations/github/persistence_organization_owner_role_granted.toml
index b2d9060a7..fae3507ce 100644
--- a/rules/integrations/github/persistence_organization_owner_role_granted.toml
+++ b/rules/integrations/github/persistence_organization_owner_role_granted.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/09/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml b/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml
index 25f813764..1770c2048 100644
--- a/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml
+++ b/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml b/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml
index 41fc653de..f32685c20 100644
--- a/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml
+++ b/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/08/19"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic", "@BenB196", "Austin Songer"]
diff --git a/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml b/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml
index 4720f87e5..bef0fbeec 100644
--- a/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml
+++ b/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/10"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml b/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml
index 85a526210..42472c51c 100644
--- a/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml
+++ b/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/08"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
-min_stack_version = "8.14.0"
-updated_date = "2024/11/27"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
+min_stack_version = "8.15.0"
+updated_date = "2024/12/09"
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml
index 60db47af6..3b118d936 100644
--- a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml
+++ b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/06/17"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
-min_stack_version = "8.14.0"
-updated_date = "2024/11/27"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
+min_stack_version = "8.15.0"
+updated_date = "2024/12/09"
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml
index 516d6309b..0f89ea844 100644
--- a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml
+++ b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/06/17"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
-min_stack_version = "8.14.0"
-updated_date = "2024/11/27"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
+min_stack_version = "8.15.0"
+updated_date = "2024/12/09"
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml b/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml
index a221d2918..c98a8ef41 100644
--- a/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml
+++ b/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/07/16"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml b/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml
index 71c0ac2de..842d8fcac 100644
--- a/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml
+++ b/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/18"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml b/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml
index 58407a95f..b7192bba6 100644
--- a/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml
+++ b/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/06/17"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
-min_stack_version = "8.14.0"
-updated_date = "2024/11/27"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
+min_stack_version = "8.15.0"
+updated_date = "2024/12/09"
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml b/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml
index 9dffe4995..08bbd7373 100644
--- a/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml
+++ b/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml
@@ -2,9 +2,9 @@
 creation_date = "2022/01/05"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_user_impersonation_access.toml b/rules/integrations/okta/credential_access_user_impersonation_access.toml
index e10764d06..d9e191398 100644
--- a/rules/integrations/okta/credential_access_user_impersonation_access.toml
+++ b/rules/integrations/okta/credential_access_user_impersonation_access.toml
@@ -2,9 +2,9 @@
 creation_date = "2022/03/22"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml b/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml
index a393b4768..0830aefec 100644
--- a/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml
+++ b/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml b/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml
index 3c7dc0643..864ddf69f 100644
--- a/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml
+++ b/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml b/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml
index 1bcd9cf49..7feaeba1c 100644
--- a/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml
+++ b/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/09/11"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml
index 66bba3713..5e2252f7d 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml
index 34e3219b7..01a7abedc 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml
index 05dafd11b..466d26faf 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/28"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml
index 558721188..3de8db3c8 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml
index 2dd141efc..65d4b5576 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml
index 981b9cb18..c5160d239 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml
index 3c5a20608..d77631d5d 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml b/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml
index 5f1998261..bb2ca0b61 100644
--- a/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml
+++ b/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/08/19"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic", "@BenB196", "Austin Songer"]
diff --git a/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml b/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml
index d2646e659..bcaec277d 100644
--- a/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml
+++ b/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml b/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml
index 82bd4f14f..8a5c7a5a9 100644
--- a/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml
+++ b/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml b/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml
index 58a590154..816c943f5 100644
--- a/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml
+++ b/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml b/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml
index 5b7b92872..79b5c4890 100644
--- a/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml
+++ b/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_possible_okta_dos_attack.toml b/rules/integrations/okta/impact_possible_okta_dos_attack.toml
index 7864c704e..6300d7e24 100644
--- a/rules/integrations/okta/impact_possible_okta_dos_attack.toml
+++ b/rules/integrations/okta/impact_possible_okta_dos_attack.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml b/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml
index f68d27841..b3bfe9595 100644
--- a/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml
+++ b/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml b/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml
index ac5998271..3db6e919e 100644
--- a/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml
+++ b/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml b/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml
index f3b4e4966..7b3bfb338 100644
--- a/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml
+++ b/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/05/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Austin Songer"]
diff --git a/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml b/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml
index 6c4520267..1dcfb9ddf 100644
--- a/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml
+++ b/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml
@@ -2,9 +2,9 @@
 creation_date = "2021/05/14"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic", "Austin Songer"]
diff --git a/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml b/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml
index f9efde515..0eda4dd19 100644
--- a/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml
+++ b/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/18"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
-min_stack_version = "8.14.0"
-updated_date = "2024/11/27"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
+min_stack_version = "8.15.0"
+updated_date = "2024/12/09"
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml b/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml
index bf4051a5f..7a76c2ed1 100644
--- a/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml
+++ b/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml b/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml
index 0cd943dc3..2da36ae59 100644
--- a/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml
+++ b/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/10/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml b/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml
index 296376af7..12c7bfaf2 100644
--- a/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml
+++ b/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml b/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml
index e12e60de5..df9e17571 100644
--- a/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml
+++ b/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml b/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml
index 795b1d799..1b44c0779 100644
--- a/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml
+++ b/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml
@@ -3,9 +3,9 @@ creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
 promotion = true
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml b/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml
index 5347d0411..0260f5584 100644
--- a/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml
+++ b/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml b/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml
index 84a97457a..65649731d 100644
--- a/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml
+++ b/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml b/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml
index e7e70c32b..babed655d 100644
--- a/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml
+++ b/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml b/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml
index a07e9b1a2..a615d4a57 100644
--- a/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml
+++ b/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml b/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml
index 096f3a12b..0dcc92b33 100644
--- a/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml
+++ b/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/05/20"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml b/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml
index de6588f3a..7e5928c73 100644
--- a/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml
+++ b/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml b/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml
index 428a0f190..7373dae2b 100644
--- a/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml
+++ b/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml
@@ -2,9 +2,9 @@
 creation_date = "2020/07/01"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml b/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml
index e44251b06..91fdc0a62 100644
--- a/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml
+++ b/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/09"
 integration = ["endpoint", "okta"]
 maturity = "production"
-updated_date = "2024/11/27"
-min_stack_version = "8.14.0"
-min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+updated_date = "2024/12/09"
+min_stack_version = "8.15.0"
+min_stack_comments = "Breaking change at 8.15.0 for the Okta Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/execution_github_new_event_action_for_pat.toml b/rules_building_block/execution_github_new_event_action_for_pat.toml
index 8e86a15d3..e8ab2101a 100644
--- a/rules_building_block/execution_github_new_event_action_for_pat.toml
+++ b/rules_building_block/execution_github_new_event_action_for_pat.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/execution_github_new_repo_interaction_for_pat.toml b/rules_building_block/execution_github_new_repo_interaction_for_pat.toml
index 25d5e9b20..af1fe749b 100644
--- a/rules_building_block/execution_github_new_repo_interaction_for_pat.toml
+++ b/rules_building_block/execution_github_new_repo_interaction_for_pat.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/execution_github_new_repo_interaction_for_user.toml b/rules_building_block/execution_github_new_repo_interaction_for_user.toml
index a0033b2f2..5aabab32d 100644
--- a/rules_building_block/execution_github_new_repo_interaction_for_user.toml
+++ b/rules_building_block/execution_github_new_repo_interaction_for_user.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/execution_github_repo_created.toml b/rules_building_block/execution_github_repo_created.toml
index 8c023a636..40ab0a8d8 100644
--- a/rules_building_block/execution_github_repo_created.toml
+++ b/rules_building_block/execution_github_repo_created.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/execution_github_repo_interaction_from_new_ip.toml b/rules_building_block/execution_github_repo_interaction_from_new_ip.toml
index 97798e99e..46e625fe8 100644
--- a/rules_building_block/execution_github_repo_interaction_from_new_ip.toml
+++ b/rules_building_block/execution_github_repo_interaction_from_new_ip.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/impact_github_member_removed_from_organization.toml b/rules_building_block/impact_github_member_removed_from_organization.toml
index d50c75c99..7153494ea 100644
--- a/rules_building_block/impact_github_member_removed_from_organization.toml
+++ b/rules_building_block/impact_github_member_removed_from_organization.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/impact_github_pat_access_revoked.toml b/rules_building_block/impact_github_pat_access_revoked.toml
index 125bafc4e..4dd484924 100644
--- a/rules_building_block/impact_github_pat_access_revoked.toml
+++ b/rules_building_block/impact_github_pat_access_revoked.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/impact_github_user_blocked_from_organization.toml b/rules_building_block/impact_github_user_blocked_from_organization.toml
index 616ee8e05..60fb77cb6 100644
--- a/rules_building_block/impact_github_user_blocked_from_organization.toml
+++ b/rules_building_block/impact_github_user_blocked_from_organization.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/initial_access_github_new_ip_address_for_pat.toml b/rules_building_block/initial_access_github_new_ip_address_for_pat.toml
index fd32b3298..173fa693f 100644
--- a/rules_building_block/initial_access_github_new_ip_address_for_pat.toml
+++ b/rules_building_block/initial_access_github_new_ip_address_for_pat.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/initial_access_github_new_ip_address_for_user.toml b/rules_building_block/initial_access_github_new_ip_address_for_user.toml
index 8fb34fae2..b9e80d855 100644
--- a/rules_building_block/initial_access_github_new_ip_address_for_user.toml
+++ b/rules_building_block/initial_access_github_new_ip_address_for_user.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/initial_access_github_new_user_agent_for_pat.toml b/rules_building_block/initial_access_github_new_user_agent_for_pat.toml
index 5c83c4e35..de9956f72 100644
--- a/rules_building_block/initial_access_github_new_user_agent_for_pat.toml
+++ b/rules_building_block/initial_access_github_new_user_agent_for_pat.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/initial_access_github_new_user_agent_for_user.toml b/rules_building_block/initial_access_github_new_user_agent_for_user.toml
index 5f7090353..15d3b4dfc 100644
--- a/rules_building_block/initial_access_github_new_user_agent_for_user.toml
+++ b/rules_building_block/initial_access_github_new_user_agent_for_user.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/persistence_github_new_pat_for_user.toml b/rules_building_block/persistence_github_new_pat_for_user.toml
index e30e32ef3..1e6f93f05 100644
--- a/rules_building_block/persistence_github_new_pat_for_user.toml
+++ b/rules_building_block/persistence_github_new_pat_for_user.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]
diff --git a/rules_building_block/persistence_github_new_user_added_to_organization.toml b/rules_building_block/persistence_github_new_user_added_to_organization.toml
index 3442fa650..70bec844a 100644
--- a/rules_building_block/persistence_github_new_user_added_to_organization.toml
+++ b/rules_building_block/persistence_github_new_user_added_to_organization.toml
@@ -3,7 +3,9 @@ bypass_bbr_timing = true
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/12/09"
+updated_date = "2024/12/10"
+min_stack_version = "8.13.0"
+min_stack_comments = "Breaking change at 8.13.0 for the Github Integration."

 [rule]
 author = ["Elastic"]