diff --git a/detection_rules/etc/packages.yaml b/detection_rules/etc/packages.yaml
index 2c1777fe2..e54683907 100644
--- a/detection_rules/etc/packages.yaml
+++ b/detection_rules/etc/packages.yaml
@@ -11,6 +11,8 @@ package:
     conditions:
       elastic:
         subscription: basic
+        capabilities:
+          - security
       kibana.version: ^8.15.0
     description: Prebuilt detection rules for Elastic Security
     format_version: 3.0.0
diff --git a/detection_rules/schemas/registry_package.py b/detection_rules/schemas/registry_package.py
index 7c1719c40..23aa7e46e 100644
--- a/detection_rules/schemas/registry_package.py
+++ b/detection_rules/schemas/registry_package.py
@@ -15,6 +15,7 @@ from ..mixins import MarshmallowDataclassMixin
 @dataclass
 class ConditionElastic:
     subscription: str
+    capabilities: Optional[List[str]]
 
 
 @dataclass