diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_definition_section.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_definition_section.tsx
index d1dc43ac63a1e..fb5b14b579859 100644
--- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_definition_section.tsx
+++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_definition_section.tsx
@@ -58,6 +58,7 @@ import {
   useRequiredFieldsStyles,
 } from './rule_definition_section.styles';
 import { getQueryLanguageLabel } from './helpers';
+import { useDefaultIndexPattern } from './use_default_index_pattern';
 
 interface SavedQueryNameProps {
   savedQueryName: string;
@@ -84,9 +85,11 @@ export const Filters = ({
 }: FiltersProps) => {
   const flattenedFilters = mapAndFlattenFilters(filters);
 
+  const defaultIndexPattern = useDefaultIndexPattern();
+
   const { indexPattern } = useRuleIndexPattern({
     dataSourceType: dataViewId ? DataSourceType.DataView : DataSourceType.IndexPatterns,
-    index: index ?? [],
+    index: index ?? defaultIndexPattern,
     dataViewId,
   });
 
@@ -480,6 +483,8 @@ const prepareDefinitionSectionListItems = (
           <Filters
             filters={savedQuery.attributes.filters as Filter[]}
             data-test-subj="savedQueryFiltersPropertyValue"
+            dataViewId={'data_view_id' in rule ? rule.data_view_id : undefined}
+            index={'index' in rule ? rule.index : undefined}
           />
         ),
       });
diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/eql_query/eql_query.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/eql_query/eql_query.tsx
index 01f7752f8e918..6e4024fa37c0d 100644
--- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/eql_query/eql_query.tsx
+++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/eql_query/eql_query.tsx
@@ -27,12 +27,12 @@ export function EqlQueryReadOnly({ eqlQuery, dataSource }: EqlQueryReadOnlyProps
     },
   ];
 
-  if (eqlQuery.filters.length > 0 && dataSource) {
+  if (eqlQuery.filters.length > 0) {
     const index =
-      dataSource.type === DataSourceType.index_patterns ? dataSource.index_patterns : undefined;
+      dataSource?.type === DataSourceType.index_patterns ? dataSource.index_patterns : undefined;
 
     const dataViewId =
-      dataSource.type === DataSourceType.data_view ? dataSource.data_view_id : undefined;
+      dataSource?.type === DataSourceType.data_view ? dataSource.data_view_id : undefined;
 
     listItems.push({
       title: descriptionStepI18n.FILTERS_LABEL,
diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/inline_kql_query.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/inline_kql_query.tsx
index 5754a742b224f..7895d3ea4e863 100644
--- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/inline_kql_query.tsx
+++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/inline_kql_query.tsx
@@ -51,12 +51,12 @@ export function InlineKqlQueryReadOnly({
     },
   ];
 
-  if (kqlQuery.filters.length > 0 && dataSource) {
+  if (kqlQuery.filters.length > 0) {
     const index =
-      dataSource.type === DataSourceType.index_patterns ? dataSource.index_patterns : undefined;
+      dataSource?.type === DataSourceType.index_patterns ? dataSource.index_patterns : undefined;
 
     const dataViewId =
-      dataSource.type === DataSourceType.data_view ? dataSource.data_view_id : undefined;
+      dataSource?.type === DataSourceType.data_view ? dataSource.data_view_id : undefined;
 
     listItems.push({
       title: i18nLabels.filters,
diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/kql_query.stories.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/kql_query.stories.tsx
index 86202c659ccfb..61d31d983b183 100644
--- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/kql_query.stories.tsx
+++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/kql_query.stories.tsx
@@ -75,6 +75,25 @@ InlineKqlQueryWithDataView.args = {
   },
 };
 
+export const InlineKqlQueryWithoutDataSource = Template.bind({});
+
+/*
+  Filters should still be displayed if no `data_source` is provided.
+  Component would fall back to the default index pattern in such case.
+*/
+InlineKqlQueryWithoutDataSource.args = {
+  finalDiffableRule: {
+    kql_query: inlineKqlQuery,
+  },
+  kibanaServicesMock: {
+    data: {
+      dataViews: {
+        create: async () => mockDataView(),
+      },
+    },
+  },
+};
+
 export const SavedKqlQueryWithIndexPatterns = Template.bind({});
 
 SavedKqlQueryWithIndexPatterns.args = {
diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/saved_kql_query.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/saved_kql_query.tsx
index 694925faa827d..78796ab1ac454 100644
--- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/saved_kql_query.tsx
+++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/fields/kql_query/saved_kql_query.tsx
@@ -54,12 +54,12 @@ export function SavedKqlQueryReadOnly({ kqlQuery, dataSource, ruleType }: SavedQ
     });
   }
 
-  if (savedQuery.attributes.filters && dataSource) {
+  if (savedQuery.attributes.filters) {
     const index =
-      dataSource.type === DataSourceType.index_patterns ? dataSource.index_patterns : undefined;
+      dataSource?.type === DataSourceType.index_patterns ? dataSource.index_patterns : undefined;
 
     const dataViewId =
-      dataSource.type === DataSourceType.data_view ? dataSource.data_view_id : undefined;
+      dataSource?.type === DataSourceType.data_view ? dataSource.data_view_id : undefined;
 
     listItems.push({
       title: descriptionStepI18n.SAVED_QUERY_FILTERS_LABEL,
diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/storybook/three_way_diff_storybook_providers.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/storybook/three_way_diff_storybook_providers.tsx
index 5c560a61dc25a..483624b6fb408 100644
--- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/storybook/three_way_diff_storybook_providers.tsx
+++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/storybook/three_way_diff_storybook_providers.tsx
@@ -6,8 +6,10 @@
  */
 
 import React from 'react';
+import { configureStore } from '@reduxjs/toolkit';
 import { merge } from 'lodash';
 import { Subject } from 'rxjs';
+import { Provider as ReduxStoreProvider } from 'react-redux';
 import type { CoreStart } from '@kbn/core/public';
 import { createKibanaReactContext } from '@kbn/kibana-react-plugin/public';
 import { ReactQueryClientProvider } from '../../../../../../../common/containers/query_client/query_client_provider';
@@ -36,7 +38,7 @@ function createKibanaServicesMock(overrides?: Partial<CoreStart>) {
     },
     settings: {
       client: {
-        get: () => {},
+        get: (key: string, defaultOverride?: unknown) => defaultOverride,
         get$: () => new Subject(),
         set: () => {},
       },
@@ -47,6 +49,20 @@ function createKibanaServicesMock(overrides?: Partial<CoreStart>) {
   return merge(baseMock, overrides);
 }
 
+function createMockStore() {
+  const store = configureStore({
+    reducer: {
+      app: () => ({
+        enableExperimental: {
+          prebuiltRulesCustomizationEnabled: true,
+        },
+      }),
+    },
+  });
+
+  return store;
+}
+
 interface StorybookProvidersProps {
   children: React.ReactNode;
   kibanaServicesMock?: Record<string, unknown>;
@@ -58,9 +74,13 @@ export function ThreeWayDiffStorybookProviders({
 }: StorybookProvidersProps) {
   const KibanaReactContext = createKibanaReactContext(createKibanaServicesMock(kibanaServicesMock));
 
+  const store = createMockStore();
+
   return (
     <KibanaReactContext.Provider>
-      <ReactQueryClientProvider>{children}</ReactQueryClientProvider>
+      <ReactQueryClientProvider>
+        <ReduxStoreProvider store={store}>{children}</ReduxStoreProvider>
+      </ReactQueryClientProvider>
     </KibanaReactContext.Provider>
   );
 }
diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/use_default_index_pattern.tsx b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/use_default_index_pattern.tsx
new file mode 100644
index 0000000000000..3482df562bac0
--- /dev/null
+++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/use_default_index_pattern.tsx
@@ -0,0 +1,27 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { useKibana } from '../../../../common/lib/kibana/kibana_react';
+import { DEFAULT_INDEX_KEY, DEFAULT_INDEX_PATTERN } from '../../../../../common/constants';
+import { useIsExperimentalFeatureEnabled } from '../../../../common/hooks/use_experimental_features';
+
+/**
+ * Gets the default index pattern for cases when rule has neither index patterns or data view.
+ * First checks the config value. If it's not present falls back to the hardcoded default value.
+ */
+export function useDefaultIndexPattern() {
+  const { services } = useKibana();
+  const isPrebuiltRulesCustomizationEnabled = useIsExperimentalFeatureEnabled(
+    'prebuiltRulesCustomizationEnabled'
+  );
+
+  if (isPrebuiltRulesCustomizationEnabled) {
+    return services.settings.client.get(DEFAULT_INDEX_KEY, DEFAULT_INDEX_PATTERN);
+  }
+
+  return [];
+}