diff --git a/x-pack/plugins/endpoint/common/generate_data.ts b/x-pack/plugins/endpoint/common/generate_data.ts
index 430ba1d422b96..0c9869f9a3d07 100644
--- a/x-pack/plugins/endpoint/common/generate_data.ts
+++ b/x-pack/plugins/endpoint/common/generate_data.ts
@@ -183,7 +183,7 @@ export class EndpointDocGenerator {
           trusted: false,
           subject_name: 'bad signer',
         },
-        malware_classifier: {
+        malware_classification: {
           identifier: 'endpointpe',
           score: 1,
           threshold: 0.66,
@@ -241,7 +241,7 @@ export class EndpointDocGenerator {
             sha1: 'ca85243c0af6a6471bdaa560685c51eefd6dbc0d',
             sha256: '8ad40c90a611d36eb8f9eb24fa04f7dbca713db383ff55a03aa0f382e92061a2',
           },
-          malware_classifier: {
+          malware_classification: {
             identifier: 'Whitelisted',
             score: 0,
             threshold: 0,
diff --git a/x-pack/plugins/endpoint/common/types.ts b/x-pack/plugins/endpoint/common/types.ts
index 565f47e7a0d6f..e8e1281a88925 100644
--- a/x-pack/plugins/endpoint/common/types.ts
+++ b/x-pack/plugins/endpoint/common/types.ts
@@ -113,7 +113,7 @@ export interface HashFields {
   sha1: string;
   sha256: string;
 }
-export interface MalwareClassifierFields {
+export interface MalwareClassificationFields {
   identifier: string;
   score: number;
   threshold: number;
@@ -142,7 +142,7 @@ export interface DllFields {
   };
   compile_time: number;
   hash: HashFields;
-  malware_classifier: MalwareClassifierFields;
+  malware_classification: MalwareClassificationFields;
   mapped_address: number;
   mapped_size: number;
   path: string;
@@ -194,7 +194,7 @@ export type AlertEvent = Immutable<{
     executable: string;
     sid?: string;
     start: number;
-    malware_classifier?: MalwareClassifierFields;
+    malware_classification?: MalwareClassificationFields;
     token: {
       domain: string;
       type: string;
@@ -224,7 +224,7 @@ export type AlertEvent = Immutable<{
       trusted: boolean;
       subject_name: string;
     };
-    malware_classifier: MalwareClassifierFields;
+    malware_classification: MalwareClassificationFields;
     temp_file_path: string;
   };
   host: HostFields;
diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/general_accordion.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/general_accordion.tsx
index 0183e9663bb44..79cb61693056c 100644
--- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/general_accordion.tsx
+++ b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/general_accordion.tsx
@@ -40,7 +40,7 @@ export const GeneralAccordion = memo(({ alertData }: { alertData: Immutable<Aler
         title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.malwareScore', {
           defaultMessage: 'MalwareScore',
         }),
-        description: alertData.file.malware_classifier.score,
+        description: alertData.file.malware_classification.score,
       },
       {
         title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.fileName', {
diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_accordion.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_accordion.tsx
index 4134bc35747d6..538562bfbbc06 100644
--- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_accordion.tsx
+++ b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/details/metadata/source_process_accordion.tsx
@@ -51,7 +51,7 @@ export const SourceProcessAccordion = memo(({ alertData }: { alertData: Immutabl
         title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.malwareScore', {
           defaultMessage: 'MalwareScore',
         }),
-        description: alertData.process.malware_classifier?.score || '-',
+        description: alertData.process.malware_classification?.score || '-',
       },
       {
         title: i18n.translate('xpack.endpoint.application.endpoint.alertDetails.parentProcessID', {
diff --git a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx
index b900a0a35dbf5..6a6936c59a00e 100644
--- a/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx
+++ b/x-pack/plugins/endpoint/public/applications/endpoint/view/alerts/index.tsx
@@ -183,7 +183,7 @@ export const AlertIndex = memo(() => {
       } else if (columnId === 'archived') {
         return null;
       } else if (columnId === 'malware_score') {
-        return row.file.malware_classifier.score;
+        return row.file.malware_classification.score;
       }
       return null;
     };
diff --git a/x-pack/plugins/endpoint/scripts/mapping.json b/x-pack/plugins/endpoint/scripts/mapping.json
index 34c039d643517..5878e01b52a47 100644
--- a/x-pack/plugins/endpoint/scripts/mapping.json
+++ b/x-pack/plugins/endpoint/scripts/mapping.json
@@ -90,7 +90,7 @@
               }
             }
           },
-          "malware_classifier": {
+          "malware_classification": {
             "properties": {
               "features": {
                 "properties": {
@@ -452,7 +452,7 @@
               }
             }
           },
-          "malware_classifier": {
+          "malware_classification": {
             "properties": {
               "features": {
                 "properties": {
@@ -849,7 +849,7 @@
               }
             }
           },
-          "malware_classifier": {
+          "malware_classification": {
             "properties": {
               "features": {
                 "properties": {
@@ -1494,7 +1494,7 @@
                   }
                 }
               },
-              "malware_classifier": {
+              "malware_classification": {
                 "properties": {
                   "features": {
                     "properties": {
@@ -1687,7 +1687,7 @@
                   }
                 }
               },
-              "malware_classifier": {
+              "malware_classification": {
                 "properties": {
                   "features": {
                     "properties": {
diff --git a/x-pack/test/functional/es_archives/endpoint/alerts/api_feature/data.json.gz b/x-pack/test/functional/es_archives/endpoint/alerts/api_feature/data.json.gz
index c1a3c44cb8d8d..feb2af93b0fd1 100644
Binary files a/x-pack/test/functional/es_archives/endpoint/alerts/api_feature/data.json.gz and b/x-pack/test/functional/es_archives/endpoint/alerts/api_feature/data.json.gz differ
diff --git a/x-pack/test/functional/es_archives/endpoint/alerts/api_feature/mappings.json b/x-pack/test/functional/es_archives/endpoint/alerts/api_feature/mappings.json
index e0a7068e1149a..64dc395ab69a4 100644
--- a/x-pack/test/functional/es_archives/endpoint/alerts/api_feature/mappings.json
+++ b/x-pack/test/functional/es_archives/endpoint/alerts/api_feature/mappings.json
@@ -94,7 +94,7 @@
                 }
               }
             },
-            "malware_classifier": {
+            "malware_classification": {
               "properties": {
                 "features": {
                   "properties": {
@@ -454,7 +454,7 @@
                 }
               }
             },
-            "malware_classifier": {
+            "malware_classification": {
               "properties": {
                 "features": {
                   "properties": {
@@ -851,7 +851,7 @@
                 }
               }
             },
-            "malware_classifier": {
+            "malware_classification": {
               "properties": {
                 "features": {
                   "properties": {
@@ -1496,7 +1496,7 @@
                     }
                   }
                 },
-                "malware_classifier": {
+                "malware_classification": {
                   "properties": {
                     "features": {
                       "properties": {
@@ -1689,7 +1689,7 @@
                     }
                   }
                 },
-                "malware_classifier": {
+                "malware_classification": {
                   "properties": {
                     "features": {
                       "properties": {