diff --git a/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml b/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml
index d85163a5c79..d0846202bfb 100644
--- a/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml
+++ b/rules/integrations/github/defense_evasion_github_protected_branch_settings_changed.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/08/29"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/05/21"
+updated_date = "2024/11/27"
+min_stack_version = "8.12.0"
+min_stack_comments = "Breaking change at 8.12.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/execution_github_app_deleted.toml b/rules/integrations/github/execution_github_app_deleted.toml
index b49bc9b3389..70c770e0e3e 100644
--- a/rules/integrations/github/execution_github_app_deleted.toml
+++ b/rules/integrations/github/execution_github_app_deleted.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/05/21"
+updated_date = "2024/11/27"
+min_stack_version = "8.12.0"
+min_stack_comments = "Breaking change at 8.12.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml b/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml
index 85da5ced62c..08b5c096605 100644
--- a/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml
+++ b/rules/integrations/github/execution_github_high_number_of_cloned_repos_from_pat.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/10/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/05/21"
+updated_date = "2024/11/27"
+min_stack_version = "8.12.0"
+min_stack_comments = "Breaking change at 8.12.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
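Review bot: In `defense_evasion_github_protected_branch_settings_changed.toml` the two added keys are placed after `updated_date`, while the files in this commit that already carried them (for example `credential_access_multiple_device_token_hashes_for_single_okta_session.toml`) keep the order `min_stack_comments`, `min_stack_version`, `updated_date`; every hunk in this commit that newly adds the two keys has the same ordering difference. The comment also spells the product `Github` and does not say what broke at 8.12.0, so an operator on an older stack cannot tell from the rule file why these detections stop updating for them. I would write `min_stack_comments = "Breaking change at 8.12.0 for the GitHub Integration."` and extend it with the integration package version or the schema change it refers to. Presumably stacks below the floor stay on the previously released rule version, which is worth confirming for these rules.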
diff --git a/rules/integrations/github/execution_new_github_app_installed.toml b/rules/integrations/github/execution_new_github_app_installed.toml
index 8d63b58be15..57d22e5c037 100644
--- a/rules/integrations/github/execution_new_github_app_installed.toml
+++ b/rules/integrations/github/execution_new_github_app_installed.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/08/29"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/05/21"
+updated_date = "2024/11/27"
+min_stack_version = "8.12.0"
+min_stack_comments = "Breaking change at 8.12.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/impact_github_repository_deleted.toml b/rules/integrations/github/impact_github_repository_deleted.toml
index c75c9c689d8..287db18a7c2 100644
--- a/rules/integrations/github/impact_github_repository_deleted.toml
+++ b/rules/integrations/github/impact_github_repository_deleted.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/08/29"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/05/21"
+updated_date = "2024/11/27"
+min_stack_version = "8.12.0"
+min_stack_comments = "Breaking change at 8.12.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/persistence_github_org_owner_added.toml b/rules/integrations/github/persistence_github_org_owner_added.toml
index df89d4bd008..124fd92d323 100644
--- a/rules/integrations/github/persistence_github_org_owner_added.toml
+++ b/rules/integrations/github/persistence_github_org_owner_added.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/09/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/05/21"
+updated_date = "2024/11/27"
+min_stack_version = "8.12.0"
+min_stack_comments = "Breaking change at 8.12.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/github/persistence_organization_owner_role_granted.toml b/rules/integrations/github/persistence_organization_owner_role_granted.toml
index 7c31e52610b..79661548925 100644
--- a/rules/integrations/github/persistence_organization_owner_role_granted.toml
+++ b/rules/integrations/github/persistence_organization_owner_role_granted.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/09/11"
 integration = ["github"]
 maturity = "production"
-updated_date = "2024/05/21"
+updated_date = "2024/11/27"
+min_stack_version = "8.12.0"
+min_stack_comments = "Breaking change at 8.12.0 for the Github Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml b/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml
index de5419e0527..25f813764a4 100644
--- a/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml
+++ b/rules/integrations/okta/credential_access_attempted_bypass_of_okta_mfa.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml b/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml
index 4f0f19a9584..41fc653de0f 100644
--- a/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml
+++ b/rules/integrations/okta/credential_access_attempts_to_brute_force_okta_user_account.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/08/19"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic", "@BenB196", "Austin Songer"]
diff --git a/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml b/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml
index e27551037a9..4720f87e525 100644
--- a/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml
+++ b/rules/integrations/okta/credential_access_multiple_auth_events_from_single_device_behind_proxy.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/11/10"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml b/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml
index c52290412dc..85a526210bf 100644
--- a/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml
+++ b/rules/integrations/okta/credential_access_multiple_device_token_hashes_for_single_okta_session.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/08"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "ES|QL rule type becomes available in 8.13.0 as technical preview."
-min_stack_version = "8.13.0"
-updated_date = "2024/10/09"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+min_stack_version = "8.14.0"
+updated_date = "2024/11/27"
 
 [rule]
 author = ["Elastic"]
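Review bot: The new `min_stack_comments` in `credential_access_multiple_device_token_hashes_for_single_okta_session.toml` drops the only record in the metadata that this rule depends on the ES|QL rule type. The 8.14.0 floor covers the old 8.13.0 one, so nothing changes today, but a later edit that lowers the floor would no longer see the ES|QL constraint. I would keep both reasons, for example `min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration. ES|QL rule type becomes available in 8.13.0 as technical preview."`. The same replacement is made in the other `-2,9 +2,9` hunks of this commit (the two `credential_access_okta_authentication_for_multiple_users_*` files, `credential_access_okta_multiple_device_token_hashes_for_single_user.toml` and `initial_access_okta_user_sessions_started_from_different_geolocations.toml`).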
diff --git a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml
index 76b585c314f..60db47af6d3 100644
--- a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml
+++ b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_from_single_source.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/06/17"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "ES|QL rule type becomes available in 8.13.0 as technical preview."
-min_stack_version = "8.13.0"
-updated_date = "2024/10/09"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+min_stack_version = "8.14.0"
+updated_date = "2024/11/27"
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml
index 08f58a55a2b..516d6309b77 100644
--- a/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml
+++ b/rules/integrations/okta/credential_access_okta_authentication_for_multiple_users_with_the_same_device_token_hash.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/06/17"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "ES|QL rule type becomes available in 8.13.0 as technical preview."
-min_stack_version = "8.13.0"
-updated_date = "2024/10/09"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+min_stack_version = "8.14.0"
+updated_date = "2024/11/27"
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml b/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml
index c1bfee11024..a221d291841 100644
--- a/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml
+++ b/rules/integrations/okta/credential_access_okta_brute_force_or_password_spraying.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/07/16"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml b/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml
index fc158cefe1d..71c0ac2de36 100644
--- a/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml
+++ b/rules/integrations/okta/credential_access_okta_mfa_bombing_via_push_notifications.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/11/18"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml b/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml
index a97c25ddfda..58407a95f08 100644
--- a/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml
+++ b/rules/integrations/okta/credential_access_okta_multiple_device_token_hashes_for_single_user.toml
@@ -2,9 +2,9 @@
 creation_date = "2024/06/17"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "ES|QL rule type becomes available in 8.13.0 as technical preview."
-min_stack_version = "8.13.0"
-updated_date = "2024/10/09"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+min_stack_version = "8.14.0"
+updated_date = "2024/11/27"
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml b/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml
index f65e4fc0c33..9dffe4995e6 100644
--- a/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml
+++ b/rules/integrations/okta/credential_access_okta_potentially_successful_okta_bombing_via_push_notifications.toml
@@ -2,7 +2,9 @@
 creation_date = "2022/01/05"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/credential_access_user_impersonation_access.toml b/rules/integrations/okta/credential_access_user_impersonation_access.toml
index 5b1c06e5083..e10764d06e5 100644
--- a/rules/integrations/okta/credential_access_user_impersonation_access.toml
+++ b/rules/integrations/okta/credential_access_user_impersonation_access.toml
@@ -2,7 +2,9 @@
 creation_date = "2022/03/22"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml b/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml
index ea048dfbf97..a393b4768d0 100644
--- a/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml
+++ b/rules/integrations/okta/defense_evasion_attempt_to_deactivate_okta_network_zone.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml b/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml
index a89e190f88e..3c7dc064394 100644
--- a/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml
+++ b/rules/integrations/okta/defense_evasion_attempt_to_delete_okta_network_zone.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml b/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml
index ce3bbd28b07..1bcd9cf4991 100644
--- a/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml
+++ b/rules/integrations/okta/defense_evasion_first_occurence_public_app_client_credential_token_exchange.toml
@@ -2,7 +2,9 @@
 creation_date = "2024/09/11"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml
index 30acf1a49fc..66bba3713e4 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml
index b50418ba1d3..34e3219b7d6 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_deactivate_okta_policy_rule.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml
index 063a09b170a..05dafd11bad 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/05/28"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml
index ecdabb2216b..55872118829 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_delete_okta_policy_rule.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml
index 6ee1d50fa0e..2dd141efcc8 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_network_zone.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml
index b485eec0644..981b9cb1840 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml
index f541558e588..3c5a20608a0 100644
--- a/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml
+++ b/rules/integrations/okta/defense_evasion_okta_attempt_to_modify_okta_policy_rule.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml b/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml
index 92eed04d461..5f1998261a0 100644
--- a/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml
+++ b/rules/integrations/okta/defense_evasion_suspicious_okta_user_password_reset_or_unlock_attempts.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/08/19"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic", "@BenB196", "Austin Songer"]
diff --git a/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml b/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml
index e21246c5d59..d2646e6596f 100644
--- a/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml
+++ b/rules/integrations/okta/impact_attempt_to_revoke_okta_api_token.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml b/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml
index 0d2319adf1b..82bd4f14fc3 100644
--- a/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml
+++ b/rules/integrations/okta/impact_okta_attempt_to_deactivate_okta_application.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml b/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml
index b18b13630c4..58a590154ed 100644
--- a/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml
+++ b/rules/integrations/okta/impact_okta_attempt_to_delete_okta_application.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml b/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml
index 8a3a84e7743..5b7b92872dd 100644
--- a/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml
+++ b/rules/integrations/okta/impact_okta_attempt_to_modify_okta_application.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/impact_possible_okta_dos_attack.toml b/rules/integrations/okta/impact_possible_okta_dos_attack.toml
index e85d110991a..7864c704eb2 100644
--- a/rules/integrations/okta/impact_possible_okta_dos_attack.toml
+++ b/rules/integrations/okta/impact_possible_okta_dos_attack.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml b/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml
index 8fc9d03cae8..f68d2784119 100644
--- a/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml
+++ b/rules/integrations/okta/initial_access_first_occurrence_user_session_started_via_proxy.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/11/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml b/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml
index 7623ecd5c1a..ac5998271b5 100644
--- a/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml
+++ b/rules/integrations/okta/initial_access_new_authentication_behavior_detection.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/11/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml b/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml
index 066c2b4a762..f3b4e496633 100644
--- a/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml
+++ b/rules/integrations/okta/initial_access_okta_fastpass_phishing.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/05/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Austin Songer"]
diff --git a/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml b/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml
index 47a853e214f..6c45202679d 100644
--- a/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml
+++ b/rules/integrations/okta/initial_access_okta_user_attempted_unauthorized_access.toml
@@ -2,7 +2,9 @@
 creation_date = "2021/05/14"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic", "Austin Songer"]
diff --git a/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml b/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml
index 5f42304c76f..f9efde51504 100644
--- a/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml
+++ b/rules/integrations/okta/initial_access_okta_user_sessions_started_from_different_geolocations.toml
@@ -2,9 +2,9 @@
 creation_date = "2023/11/18"
 integration = ["okta"]
 maturity = "production"
-min_stack_comments = "ES|QL rule type becomes available in 8.13.0 as technical preview."
-min_stack_version = "8.13.0"
-updated_date = "2024/10/09"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
+min_stack_version = "8.14.0"
+updated_date = "2024/11/27"
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml b/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml
index c127cd0f9e8..bf4051a5f23 100644
--- a/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml
+++ b/rules/integrations/okta/initial_access_sign_in_events_via_third_party_idp.toml
@@ -2,7 +2,9 @@
 creation_date = "2023/11/06"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml b/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml
index acb2a434d9b..0cd943dc369 100644
--- a/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml
+++ b/rules/integrations/okta/initial_access_successful_application_sso_from_unknown_client_device.toml
@@ -2,7 +2,9 @@
 creation_date = "2024/10/07"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/10/07"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml b/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml
index 272dfd211b4..296376af7ba 100644
--- a/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml
+++ b/rules/integrations/okta/initial_access_suspicious_activity_reported_by_okta_user.toml
@@ -2,7 +2,9 @@
 creation_date = "2020/05/21"
 integration = ["okta"]
 maturity = "production"
-updated_date = "2024/09/23"
+updated_date = "2024/11/27"
+min_stack_version = "8.14.0"
+min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration."
 
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml b/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml
index 33289094cca..e12e60de510 100644
--- a/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml
+++ b/rules/integrations/okta/lateral_movement_multiple_sessions_for_single_user.toml
@@ -2,7 +2,9 @@ creation_date = "2023/11/07" integration = ["okta"] maturity = "production" -updated_date = "2024/09/23" +updated_date = "2024/11/27" +min_stack_version = "8.14.0" +min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration." [rule] author = ["Elastic"] diff --git a/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml b/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml index b90248f519e..795b1d799f2 100644 --- a/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml +++ b/rules/integrations/okta/okta_threatinsight_threat_suspected_promotion.toml @@ -3,7 +3,9 @@ creation_date = "2020/05/21" integration = ["okta"] maturity = "production" promotion = true -updated_date = "2024/09/23" +updated_date = "2024/11/27" +min_stack_version = "8.14.0" +min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration." [rule] author = ["Elastic"] diff --git a/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml b/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml index 9b1bc5e9e8a..5347d0411a6 100644 --- a/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml +++ b/rules/integrations/okta/persistence_administrator_privileges_assigned_to_okta_group.toml @@ -2,7 +2,9 @@ creation_date = "2020/05/21" integration = ["okta"] maturity = "production" -updated_date = "2024/09/23" +updated_date = "2024/11/27" +min_stack_version = "8.14.0" +min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration." [rule] author = ["Elastic"] diff --git a/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml b/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml index 2631bf2930f..84a97457a26 100644 --- a/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml 
+++ b/rules/integrations/okta/persistence_administrator_role_assigned_to_okta_user.toml @@ -2,7 +2,9 @@ creation_date = "2020/11/06" integration = ["okta"] maturity = "production" -updated_date = "2024/09/23" +updated_date = "2024/11/27" +min_stack_version = "8.14.0" +min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration." [rule] author = ["Elastic"] diff --git a/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml b/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml index 2996475c434..e7e70c32b17 100644 --- a/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml +++ b/rules/integrations/okta/persistence_attempt_to_create_okta_api_token.toml @@ -2,7 +2,9 @@ creation_date = "2020/05/21" integration = ["okta"] maturity = "production" -updated_date = "2024/09/23" +updated_date = "2024/11/27" +min_stack_version = "8.14.0" +min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration." [rule] author = ["Elastic"] diff --git a/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml b/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml index 3a6ad0886e2..a07e9b1a236 100644 --- a/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml +++ b/rules/integrations/okta/persistence_attempt_to_reset_mfa_factors_for_okta_user_account.toml @@ -2,7 +2,9 @@ creation_date = "2020/05/21" integration = ["okta"] maturity = "production" -updated_date = "2024/09/23" +updated_date = "2024/11/27" +min_stack_version = "8.14.0" +min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration." [rule] author = ["Elastic"] diff --git a/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml b/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml index fc99f499c39..096f3a12b77 100644 
--- a/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml +++ b/rules/integrations/okta/persistence_mfa_deactivation_with_no_reactivation.toml @@ -2,7 +2,9 @@ creation_date = "2020/05/20" integration = ["okta"] maturity = "production" -updated_date = "2024/10/09" +updated_date = "2024/11/27" +min_stack_version = "8.14.0" +min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration." [rule] author = ["Elastic"] diff --git a/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml b/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml index 075937b532d..de6588f3a8c 100644 --- a/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml +++ b/rules/integrations/okta/persistence_new_idp_successfully_added_by_admin.toml @@ -2,7 +2,9 @@ creation_date = "2023/11/06" integration = ["okta"] maturity = "production" -updated_date = "2024/09/23" +updated_date = "2024/11/27" +min_stack_version = "8.14.0" +min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration." [rule] author = ["Elastic"] diff --git a/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml b/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml index e437c4fd7cd..428a0f1902f 100644 --- a/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml +++ b/rules/integrations/okta/persistence_okta_attempt_to_modify_or_delete_application_sign_on_policy.toml @@ -2,7 +2,9 @@ creation_date = "2020/07/01" integration = ["okta"] maturity = "production" -updated_date = "2024/09/23" +updated_date = "2024/11/27" +min_stack_version = "8.14.0" +min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration." [rule] author = ["Elastic"] 
diff --git a/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml b/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml index 07ead8b7c05..e44251b069c 100644 --- a/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml +++ b/rules/integrations/okta/persistence_stolen_credentials_used_to_login_to_okta_account_after_mfa_reset.toml @@ -2,7 +2,9 @@ creation_date = "2023/11/09" integration = ["endpoint", "okta"] maturity = "production" -updated_date = "2024/09/23" +updated_date = "2024/11/27" +min_stack_version = "8.14.0" +min_stack_comments = "Breaking change at 8.14.0 for the Okta Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/execution_github_new_event_action_for_pat.toml b/rules_building_block/execution_github_new_event_action_for_pat.toml index cc3256581ed..37de0f6519c 100644 --- a/rules_building_block/execution_github_new_event_action_for_pat.toml +++ b/rules_building_block/execution_github_new_event_action_for_pat.toml @@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/execution_github_new_repo_interaction_for_pat.toml b/rules_building_block/execution_github_new_repo_interaction_for_pat.toml index f8c429ed7cb..21b0dea9192 100644 --- a/rules_building_block/execution_github_new_repo_interaction_for_pat.toml +++ b/rules_building_block/execution_github_new_repo_interaction_for_pat.toml 
@@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/execution_github_new_repo_interaction_for_user.toml b/rules_building_block/execution_github_new_repo_interaction_for_user.toml index eeb3716928a..7a9ad1b8d54 100644 --- a/rules_building_block/execution_github_new_repo_interaction_for_user.toml +++ b/rules_building_block/execution_github_new_repo_interaction_for_user.toml @@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/execution_github_repo_created.toml b/rules_building_block/execution_github_repo_created.toml index e8232137bfa..ce5bbee58ce 100644 --- a/rules_building_block/execution_github_repo_created.toml +++ b/rules_building_block/execution_github_repo_created.toml @@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/execution_github_repo_interaction_from_new_ip.toml b/rules_building_block/execution_github_repo_interaction_from_new_ip.toml index 52daf9d6e29..41e8f17b7c2 100644 --- a/rules_building_block/execution_github_repo_interaction_from_new_ip.toml +++ b/rules_building_block/execution_github_repo_interaction_from_new_ip.toml 
@@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/impact_github_member_removed_from_organization.toml b/rules_building_block/impact_github_member_removed_from_organization.toml index 9b6f36d684b..72a10f4947e 100644 --- a/rules_building_block/impact_github_member_removed_from_organization.toml +++ b/rules_building_block/impact_github_member_removed_from_organization.toml @@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/impact_github_pat_access_revoked.toml b/rules_building_block/impact_github_pat_access_revoked.toml index 40804acb163..ebe23150035 100644 --- a/rules_building_block/impact_github_pat_access_revoked.toml +++ b/rules_building_block/impact_github_pat_access_revoked.toml @@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/impact_github_user_blocked_from_organization.toml b/rules_building_block/impact_github_user_blocked_from_organization.toml index 01bce32d75a..d3ef0921de1 100644 --- a/rules_building_block/impact_github_user_blocked_from_organization.toml +++ b/rules_building_block/impact_github_user_blocked_from_organization.toml 
@@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/initial_access_github_new_ip_address_for_pat.toml b/rules_building_block/initial_access_github_new_ip_address_for_pat.toml index 85b7086c02e..329431414b5 100644 --- a/rules_building_block/initial_access_github_new_ip_address_for_pat.toml +++ b/rules_building_block/initial_access_github_new_ip_address_for_pat.toml @@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/initial_access_github_new_ip_address_for_user.toml b/rules_building_block/initial_access_github_new_ip_address_for_user.toml index 25ef2800c7d..6c88eb70515 100644 --- a/rules_building_block/initial_access_github_new_ip_address_for_user.toml +++ b/rules_building_block/initial_access_github_new_ip_address_for_user.toml @@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/initial_access_github_new_user_agent_for_pat.toml b/rules_building_block/initial_access_github_new_user_agent_for_pat.toml index b473839076e..d9f5e827a5a 100644 --- a/rules_building_block/initial_access_github_new_user_agent_for_pat.toml +++ b/rules_building_block/initial_access_github_new_user_agent_for_pat.toml 
@@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/initial_access_github_new_user_agent_for_user.toml b/rules_building_block/initial_access_github_new_user_agent_for_user.toml index 8463648e69e..80920b39d18 100644 --- a/rules_building_block/initial_access_github_new_user_agent_for_user.toml +++ b/rules_building_block/initial_access_github_new_user_agent_for_user.toml @@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/persistence_github_new_pat_for_user.toml b/rules_building_block/persistence_github_new_pat_for_user.toml index a7cfbd7e476..40f71ba31f9 100644 --- a/rules_building_block/persistence_github_new_pat_for_user.toml +++ b/rules_building_block/persistence_github_new_pat_for_user.toml @@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"] diff --git a/rules_building_block/persistence_github_new_user_added_to_organization.toml b/rules_building_block/persistence_github_new_user_added_to_organization.toml index 6de318f9160..d8d802bb285 100644 --- a/rules_building_block/persistence_github_new_user_added_to_organization.toml +++ b/rules_building_block/persistence_github_new_user_added_to_organization.toml 
@@ -3,7 +3,9 @@ bypass_bbr_timing = true creation_date = "2023/10/11" integration = ["github"] maturity = "production" -updated_date = "2024/05/21" +updated_date = "2024/11/27" +min_stack_version = "8.12.0" +min_stack_comments = "Breaking change at 8.12.0 for the Github Integration." [rule] author = ["Elastic"]