From 42d2464157b8c8ae07e21762e34d652c9a27d377 Mon Sep 17 00:00:00 2001
From: Andrew Macri <andrew.macri@elastic.co>
Date: Thu, 20 Feb 2025 16:17:12 -0500
Subject: [PATCH] [Security Solution] [Attack discovery] Removes Alerts
 filtering feature flag (#209851)

### [Security Solution] [Attack discovery] Removes Alerts filtering feature flag

This PR removes the feature flag for the Attack discovery _Alerts filtering_ feature, introduced in <https://github.com/elastic/kibana/pull/205070>.

The `Attack discovery settings` flyout shown in the gif below is now available for all Attack discovery users when they click the settings gear:

![00_alerts_filtering](https://github.com/user-attachments/assets/1a81413b-b8f4-4965-a006-25fb529668a6)

#### Details

This PR _removes_ the `attackDiscoveryAlertFiltering` feature flag, which was configured via the following setting in kibana.dev.yml:

```yaml
xpack.securitySolution.enableExperimental:
  - 'attackDiscoveryAlertFiltering'
```

#### Desk testing

1. Ensure the `attackDiscoveryAlertFiltering` feature flag is present in `kibana.dev.yml`:

```yaml
xpack.securitySolution.enableExperimental:
  - 'attackDiscoveryAlertFiltering'
```

2. Start Kibana server and observe the startup logs

**Expected result**

- A warning that the `attackDiscoveryAlertFiltering` flag is no longer supported is logged:

```
[2025-02-05T11:24:31.612-05:00][WARN ][plugins.securitySolution.config] Unsupported "xpack.securitySolution.enableExperimental" values detected.
The following configuration values are no longer supported and should be removed from the kibana configuration file:

    xpack.securitySolution.enableExperimental:
      - attackDiscoveryAlertFiltering
```

3. Remove the `attackDiscoveryAlertFiltering` feature flag from `kibana.dev.yml`

4. Restart Kibana server and once again observe the startup logs

**Expected result**

- The warning displayed in step 2 is NOT logged

5. Navigate to Security > Attack discovery

6. Click the `Settings` gear

**Expected result**

- The `Attack discovery settings` flyout shown in the PR description above appears
---
 .../impl/capabilities/index.ts                |   1 -
 .../get_capabilities_route.gen.ts             |   1 -
 .../get_capabilities_route.schema.yaml        |   3 -
 .../translations/translations/fr-FR.json      |  10 --
 .../translations/translations/ja-JP.json      |  10 --
 .../translations/translations/zh-CN.json      |  10 --
 .../common/experimental_features.ts           |   5 -
 .../pages/header/index.test.tsx               |  17 +-
 .../attack_discovery/pages/header/index.tsx   |  32 +---
 .../alerts_settings/index.test.tsx            |  39 -----
 .../settings_modal/alerts_settings/index.tsx  |  78 ---------
 .../settings_modal/footer/index.test.tsx      |  42 -----
 .../header/settings_modal/footer/index.tsx    |  57 -------
 .../header/settings_modal/index.test.tsx      |  72 --------
 .../pages/header/settings_modal/index.tsx     | 158 ------------------
 .../is_tour_enabled/index.test.ts             |  76 ---------
 .../settings_modal/is_tour_enabled/index.ts   |  18 --
 .../header/settings_modal/translations.ts     |  81 ---------
 .../attack_discovery/pages/index.test.tsx     |  43 +----
 .../public/attack_discovery/pages/index.tsx   |  29 +---
 .../loading_messages/index.test.tsx           |  42 +----
 .../loading_messages/index.tsx                |  18 +-
 .../pages/settings_flyout/footer/index.tsx    |   2 +-
 .../settings_flyout/footer/translations.ts    |  29 ++++
 .../security_solution/server/plugin.ts        |   1 -
 25 files changed, 58 insertions(+), 816 deletions(-)
 delete mode 100644 x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/alerts_settings/index.test.tsx
 delete mode 100644 x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/alerts_settings/index.tsx
 delete mode 100644 x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/footer/index.test.tsx
 delete mode 100644 x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/footer/index.tsx
 delete mode 100644 x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/index.test.tsx
 delete mode 100644 x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/index.tsx
 delete mode 100644 x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/is_tour_enabled/index.test.ts
 delete mode 100644 x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/is_tour_enabled/index.ts
 delete mode 100644 x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/translations.ts
 create mode 100644 x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/settings_flyout/footer/translations.ts

diff --git a/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/capabilities/index.ts b/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/capabilities/index.ts
index 9b7a26d73027b..b7c8e092b2eec 100644
--- a/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/capabilities/index.ts
+++ b/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/capabilities/index.ts
@@ -21,6 +21,5 @@ export type AssistantFeatureKey = keyof AssistantFeatures;
 export const defaultAssistantFeatures = Object.freeze({
   assistantModelEvaluation: false,
   defendInsights: true,
-  attackDiscoveryAlertFiltering: false,
   contentReferencesEnabled: false,
 });
diff --git a/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/schemas/capabilities/get_capabilities_route.gen.ts b/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/schemas/capabilities/get_capabilities_route.gen.ts
index 78ee4a6c3e605..9ff0c2ebf59e7 100644
--- a/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/schemas/capabilities/get_capabilities_route.gen.ts
+++ b/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/schemas/capabilities/get_capabilities_route.gen.ts
@@ -19,7 +19,6 @@ import { z } from '@kbn/zod';
 export type GetCapabilitiesResponse = z.infer<typeof GetCapabilitiesResponse>;
 export const GetCapabilitiesResponse = z.object({
   assistantModelEvaluation: z.boolean(),
-  attackDiscoveryAlertFiltering: z.boolean(),
   contentReferencesEnabled: z.boolean(),
   defendInsights: z.boolean(),
 });
diff --git a/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/schemas/capabilities/get_capabilities_route.schema.yaml b/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/schemas/capabilities/get_capabilities_route.schema.yaml
index 684ff6f020793..2dc79cfe3d116 100644
--- a/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/schemas/capabilities/get_capabilities_route.schema.yaml
+++ b/x-pack/platform/packages/shared/kbn-elastic-assistant-common/impl/schemas/capabilities/get_capabilities_route.schema.yaml
@@ -22,15 +22,12 @@ paths:
                 properties:
                   assistantModelEvaluation:
                     type: boolean
-                  attackDiscoveryAlertFiltering:
-                    type: boolean
                   contentReferencesEnabled:
                     type: boolean
                   defendInsights:
                     type: boolean
                 required:
                   - assistantModelEvaluation
-                  - attackDiscoveryAlertFiltering
                   - contentReferencesEnabled
                   - defendInsights
         '400':
diff --git a/x-pack/platform/plugins/private/translations/translations/fr-FR.json b/x-pack/platform/plugins/private/translations/translations/fr-FR.json
index 869d6144f284b..d3322f1c0c511 100644
--- a/x-pack/platform/plugins/private/translations/translations/fr-FR.json
+++ b/x-pack/platform/plugins/private/translations/translations/fr-FR.json
@@ -34217,16 +34217,6 @@
     "xpack.securitySolution.attackDiscovery.pages.pageTitle.statusConnectors": "Vous avez {newDiscoveriesCount} {newDiscoveriesCount, plural, =1 {nouvelle découverte} other {nouvelles découvertes}} à travers {newConnectorResultsCount} {newConnectorResultsCount, plural, =1 {connecteur} other {connecteurs}} à examiner.",
     "xpack.securitySolution.attackDiscovery.pages.welcome.firstSetUpLabel": "Tout d’abord, configurez un connecteur d’IA générative.",
     "xpack.securitySolution.attackDiscovery.pages.welcome.welcomeToAttackDiscoveryLabel": "Bienvenue sur Attack discovery !",
-    "xpack.securitySolution.attackDiscovery.settingsModal.alertsLabel": "Alertes",
-    "xpack.securitySolution.attackDiscovery.settingsModal.attackDiscoverySendsMoreAlertsTourText": "La découverte d'attaques envoie davantage d'alertes en tant que contexte.",
-    "xpack.securitySolution.attackDiscovery.settingsModal.cancelButton": "Annuler",
-    "xpack.securitySolution.attackDiscovery.settingsModal.configureYourSettingsHereTourText": "Configurez vos paramètres ici.",
-    "xpack.securitySolution.attackDiscovery.settingsModal.latestAndRiskiestOpenAlertsLabel": "Envoyez à Attack discovery des informations sur vos {alertsCount} alertes ouvertes ou confirmées les plus récentes et les plus risquées.",
-    "xpack.securitySolution.attackDiscovery.settingsModal.resetLabel": "Réinitialiser",
-    "xpack.securitySolution.attackDiscovery.settingsModal.saveButton": "Enregistrer",
-    "xpack.securitySolution.attackDiscovery.settingsModal.settingsLabel": "Paramètres",
-    "xpack.securitySolution.attackDiscovery.settingsModal.tourSubtitle": "Améliorations récentes de Attack Discovery",
-    "xpack.securitySolution.attackDiscovery.settingsModal.tourTitle": "Envoyer plus d'alertes",
     "xpack.securitySolution.attackDiscovery.showAnonymizedLabel": "Afficher les anonymisés",
     "xpack.securitySolution.attackDiscovery.showRealValuesLabel": "Afficher les valeurs réelles",
     "xpack.securitySolution.attackDiscovery.summaryCount.alertsLabel": "{alertsCount} {alertsCount, plural, =1 {alerte} other {alertes}}",
diff --git a/x-pack/platform/plugins/private/translations/translations/ja-JP.json b/x-pack/platform/plugins/private/translations/translations/ja-JP.json
index 6fbd5f2a994bf..9c3b79be6b06b 100644
--- a/x-pack/platform/plugins/private/translations/translations/ja-JP.json
+++ b/x-pack/platform/plugins/private/translations/translations/ja-JP.json
@@ -34079,16 +34079,6 @@
     "xpack.securitySolution.attackDiscovery.pages.pageTitle.statusConnectors": "{newConnectorResultsCount} {newConnectorResultsCount, plural, other {コネクター}}全体で、表示する{newDiscoveriesCount}件の新しい{newDiscoveriesCount, plural, other {検出}}があります。",
     "xpack.securitySolution.attackDiscovery.pages.welcome.firstSetUpLabel": "まず、生成AIコネクターを設定します。",
     "xpack.securitySolution.attackDiscovery.pages.welcome.welcomeToAttackDiscoveryLabel": "Attack Discoveryへようこそ！",
-    "xpack.securitySolution.attackDiscovery.settingsModal.alertsLabel": "アラート",
-    "xpack.securitySolution.attackDiscovery.settingsModal.attackDiscoverySendsMoreAlertsTourText": "Attack discoveryはその他のアラートをコンテキストとして送信します。",
-    "xpack.securitySolution.attackDiscovery.settingsModal.cancelButton": "キャンセル",
-    "xpack.securitySolution.attackDiscovery.settingsModal.configureYourSettingsHereTourText": "ここで設定を構成します。",
-    "xpack.securitySolution.attackDiscovery.settingsModal.latestAndRiskiestOpenAlertsLabel": "{alertsCount}件の最新の最もリスクが高い未解決または確認済みのアラートに関するAttack discovery情報を送信します。",
-    "xpack.securitySolution.attackDiscovery.settingsModal.resetLabel": "リセット",
-    "xpack.securitySolution.attackDiscovery.settingsModal.saveButton": "保存",
-    "xpack.securitySolution.attackDiscovery.settingsModal.settingsLabel": "設定",
-    "xpack.securitySolution.attackDiscovery.settingsModal.tourSubtitle": "最近のAttack discoveryの改良",
-    "xpack.securitySolution.attackDiscovery.settingsModal.tourTitle": "その他のアラートを送信",
     "xpack.securitySolution.attackDiscovery.showAnonymizedLabel": "匿名化して表示",
     "xpack.securitySolution.attackDiscovery.showRealValuesLabel": "実際の値を表示",
     "xpack.securitySolution.attackDiscovery.summaryCount.alertsLabel": "{alertsCount} {alertsCount, plural, other {件のアラート}}",
diff --git a/x-pack/platform/plugins/private/translations/translations/zh-CN.json b/x-pack/platform/plugins/private/translations/translations/zh-CN.json
index 6e8207db310e0..0edea0d7c6b11 100644
--- a/x-pack/platform/plugins/private/translations/translations/zh-CN.json
+++ b/x-pack/platform/plugins/private/translations/translations/zh-CN.json
@@ -33551,16 +33551,6 @@
     "xpack.securitySolution.attackDiscovery.pages.pageTitle.statusConnectors": "您具有 {newDiscoveriesCount} 个新{newDiscoveriesCount, plural, other {发现}}可跨 {newConnectorResultsCount} 个{newConnectorResultsCount, plural, other {连接器}}查看。",
     "xpack.securitySolution.attackDiscovery.pages.welcome.firstSetUpLabel": "首先设置生成式 AI 连接器。",
     "xpack.securitySolution.attackDiscovery.pages.welcome.welcomeToAttackDiscoveryLabel": "欢迎使用 Attack Discovery！",
-    "xpack.securitySolution.attackDiscovery.settingsModal.alertsLabel": "告警",
-    "xpack.securitySolution.attackDiscovery.settingsModal.attackDiscoverySendsMoreAlertsTourText": "Attack Discovery 会发送更多告警作为上下文。",
-    "xpack.securitySolution.attackDiscovery.settingsModal.cancelButton": "取消",
-    "xpack.securitySolution.attackDiscovery.settingsModal.configureYourSettingsHereTourText": "在此配置您的设置。",
-    "xpack.securitySolution.attackDiscovery.settingsModal.latestAndRiskiestOpenAlertsLabel": "发送有关 {alertsCount} 个最新和风险最高的未决或已确认告警的 Attack Discovery 信息。",
-    "xpack.securitySolution.attackDiscovery.settingsModal.resetLabel": "重置",
-    "xpack.securitySolution.attackDiscovery.settingsModal.saveButton": "保存",
-    "xpack.securitySolution.attackDiscovery.settingsModal.settingsLabel": "设置",
-    "xpack.securitySolution.attackDiscovery.settingsModal.tourSubtitle": "最近的 Attack Discovery 改进",
-    "xpack.securitySolution.attackDiscovery.settingsModal.tourTitle": "发送更多告警",
     "xpack.securitySolution.attackDiscovery.showAnonymizedLabel": "显示已匿名处理项",
     "xpack.securitySolution.attackDiscovery.showRealValuesLabel": "显示实际值",
     "xpack.securitySolution.attackDiscovery.summaryCount.alertsLabel": "{alertsCount} 个{alertsCount, plural, other {告警}}",
diff --git a/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts b/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts
index 9ce3b5d588371..02f3e85d143ca 100644
--- a/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts
+++ b/x-pack/solutions/security/plugins/security_solution/common/experimental_features.ts
@@ -114,11 +114,6 @@ export const allowedExperimentalValues = Object.freeze({
    */
   assistantModelEvaluation: false,
 
-  /**
-   * Enables filtering of Attack Discovery alerts in a flyout
-   */
-  attackDiscoveryAlertFiltering: false,
-
   /**
    * Enables content references (citations) in the AI Assistant
    */
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/index.test.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/index.test.tsx
index e48027812f1ec..2124c38722ec0 100644
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/index.test.tsx
+++ b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/index.test.tsx
@@ -6,7 +6,6 @@
  */
 
 import { DEFAULT_ATTACK_DISCOVERY_MAX_ALERTS } from '@kbn/elastic-assistant';
-import { defaultAssistantFeatures } from '@kbn/elastic-assistant-common';
 import { fireEvent, render, screen, waitFor } from '@testing-library/react';
 import React from 'react';
 
@@ -16,18 +15,6 @@ import { Header } from '.';
 
 jest.mock('../../../assistant/use_assistant_availability');
 
-jest.mock('@kbn/elastic-assistant-common', () => {
-  const original = jest.requireActual('@kbn/elastic-assistant-common');
-
-  return {
-    ...original,
-    defaultAssistantFeatures: {
-      ...original.defaultAssistantFeatures,
-      attackDiscoveryAlertFiltering: jest.mocked<boolean>(false), // <-- feature flag is off by default
-    },
-  };
-});
-
 const defaultProps = {
   stats: null,
   connectorId: 'testConnectorId',
@@ -50,7 +37,6 @@ describe('Actions', () => {
     });
 
     jest.clearAllMocks();
-    (defaultAssistantFeatures.attackDiscoveryAlertFiltering as jest.Mocked<boolean>) = false; // reset feature flag to off
   });
 
   it('renders the connector selector', () => {
@@ -139,8 +125,7 @@ describe('Actions', () => {
     expect(generate).toBeDisabled();
   });
 
-  it('invokes openFlyout when the settings button is clicked, when the attackDiscoveryAlertFiltering feature flag is on', async () => {
-    (defaultAssistantFeatures.attackDiscoveryAlertFiltering as jest.Mocked<boolean>) = true;
+  it('invokes openFlyout when the settings button is clicked', async () => {
     const openFlyout = jest.fn();
 
     render(
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/index.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/index.tsx
index 46019520401e5..8b299eaab7025 100644
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/index.tsx
+++ b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/index.tsx
@@ -15,12 +15,11 @@ import {
   useEuiTheme,
 } from '@elastic/eui';
 import { css } from '@emotion/react';
-import { ConnectorSelectorInline, useAssistantContext } from '@kbn/elastic-assistant';
+import { ConnectorSelectorInline } from '@kbn/elastic-assistant';
 import type { AttackDiscoveryStats } from '@kbn/elastic-assistant-common';
 import { noop } from 'lodash/fp';
 import React, { useCallback, useEffect, useMemo, useState } from 'react';
 
-import { SettingsModal } from './settings_modal';
 import { StatusBell } from './status_bell';
 import * as i18n from './translations';
 
@@ -51,10 +50,6 @@ const HeaderComponent: React.FC<Props> = ({
   setLocalStorageAttackDiscoveryMaxAlerts,
   stats,
 }) => {
-  const {
-    assistantFeatures: { attackDiscoveryAlertFiltering },
-  } = useAssistantContext();
-
   const { euiTheme } = useEuiTheme();
   const disabled = connectorId == null;
 
@@ -120,24 +115,15 @@ const HeaderComponent: React.FC<Props> = ({
         `}
         grow={false}
       >
-        {attackDiscoveryAlertFiltering ? (
-          <EuiToolTip content={i18n.SETTINGS} data-test-subj="openAlertSelectionToolTip">
-            <EuiButtonIcon
-              aria-label={i18n.SETTINGS}
-              color="text"
-              data-test-subj="openAlertSelection"
-              iconType="gear"
-              onClick={openFlyout}
-            />
-          </EuiToolTip>
-        ) : (
-          <SettingsModal
-            connectorId={connectorId}
-            isLoading={isLoading}
-            localStorageAttackDiscoveryMaxAlerts={localStorageAttackDiscoveryMaxAlerts}
-            setLocalStorageAttackDiscoveryMaxAlerts={setLocalStorageAttackDiscoveryMaxAlerts}
+        <EuiToolTip content={i18n.SETTINGS} data-test-subj="openAlertSelectionToolTip">
+          <EuiButtonIcon
+            aria-label={i18n.SETTINGS}
+            color="text"
+            data-test-subj="openAlertSelection"
+            iconType="gear"
+            onClick={openFlyout}
           />
-        )}
+        </EuiToolTip>
       </EuiFlexItem>
 
       <EuiFlexItem grow={false}>
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/alerts_settings/index.test.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/alerts_settings/index.test.tsx
deleted file mode 100644
index 958c9094fabf3..0000000000000
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/alerts_settings/index.test.tsx
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import { render, screen, fireEvent } from '@testing-library/react';
-import React from 'react';
-
-import { AlertsSettings, MAX_ALERTS } from '.';
-
-const maxAlerts = '150';
-
-const setMaxAlerts = jest.fn();
-
-describe('AlertsSettings', () => {
-  it('calls setMaxAlerts when the alerts range changes', () => {
-    render(<AlertsSettings maxAlerts={maxAlerts} setMaxAlerts={setMaxAlerts} />);
-
-    fireEvent.click(screen.getByText(`${MAX_ALERTS}`));
-
-    expect(setMaxAlerts).toHaveBeenCalledWith(`${MAX_ALERTS}`);
-  });
-
-  it('displays the correct maxAlerts value', () => {
-    render(<AlertsSettings maxAlerts={maxAlerts} setMaxAlerts={setMaxAlerts} />);
-
-    expect(screen.getByTestId('alertsRange')).toHaveValue(maxAlerts);
-  });
-
-  it('displays the expected text for anonymization settings', () => {
-    render(<AlertsSettings maxAlerts={maxAlerts} setMaxAlerts={setMaxAlerts} />);
-
-    expect(screen.getByTestId('latestAndRiskiest')).toHaveTextContent(
-      'Send Attack discovery information about your 150 newest and riskiest open or acknowledged alerts.'
-    );
-  });
-});
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/alerts_settings/index.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/alerts_settings/index.tsx
deleted file mode 100644
index 7741d3214ee36..0000000000000
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/alerts_settings/index.tsx
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import type { SingleRangeChangeEvent } from '@kbn/elastic-assistant';
-import { EuiFlexGroup, EuiFlexItem, EuiForm, EuiFormRow, EuiSpacer, EuiText } from '@elastic/eui';
-import {
-  AlertsRange,
-  SELECT_FEWER_ALERTS,
-  YOUR_ANONYMIZATION_SETTINGS,
-} from '@kbn/elastic-assistant';
-import React, { useCallback } from 'react';
-
-import * as i18n from '../translations';
-
-export const MAX_ALERTS = 500;
-export const MIN_ALERTS = 50;
-export const STEP = 50;
-
-interface Props {
-  maxAlerts: string;
-  setMaxAlerts: React.Dispatch<React.SetStateAction<string>>;
-}
-
-const AlertsSettingsComponent: React.FC<Props> = ({ maxAlerts, setMaxAlerts }) => {
-  const onChangeAlertsRange = useCallback(
-    (e: SingleRangeChangeEvent) => {
-      setMaxAlerts(e.currentTarget.value);
-    },
-    [setMaxAlerts]
-  );
-
-  return (
-    <EuiForm component="form">
-      <EuiFormRow hasChildLabel={false} label={i18n.ALERTS}>
-        <EuiFlexGroup direction="column" gutterSize="none">
-          <EuiFlexItem grow={false}>
-            <AlertsRange
-              maxAlerts={MAX_ALERTS}
-              minAlerts={MIN_ALERTS}
-              onChange={onChangeAlertsRange}
-              step={STEP}
-              value={maxAlerts}
-            />
-            <EuiSpacer size="m" />
-          </EuiFlexItem>
-
-          <EuiFlexItem grow={true}>
-            <EuiText color="subdued" size="xs">
-              <span data-test-subj="latestAndRiskiest">
-                {i18n.LATEST_AND_RISKIEST_OPEN_ALERTS(Number(maxAlerts))}
-              </span>
-            </EuiText>
-          </EuiFlexItem>
-
-          <EuiFlexItem grow={true}>
-            <EuiText color="subdued" size="xs">
-              <span>{YOUR_ANONYMIZATION_SETTINGS}</span>
-            </EuiText>
-          </EuiFlexItem>
-
-          <EuiFlexItem grow={true}>
-            <EuiText color="subdued" size="xs">
-              <span>{SELECT_FEWER_ALERTS}</span>
-            </EuiText>
-          </EuiFlexItem>
-        </EuiFlexGroup>
-      </EuiFormRow>
-    </EuiForm>
-  );
-};
-
-AlertsSettingsComponent.displayName = 'AlertsSettings';
-
-export const AlertsSettings = React.memo(AlertsSettingsComponent);
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/footer/index.test.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/footer/index.test.tsx
deleted file mode 100644
index e487304c41350..0000000000000
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/footer/index.test.tsx
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import React from 'react';
-import { fireEvent, render, screen } from '@testing-library/react';
-
-import { Footer } from '.';
-
-describe('Footer', () => {
-  const closeModal = jest.fn();
-  const onReset = jest.fn();
-  const onSave = jest.fn();
-
-  beforeEach(() => jest.clearAllMocks());
-
-  it('calls onReset when the reset button is clicked', () => {
-    render(<Footer closeModal={closeModal} onReset={onReset} onSave={onSave} />);
-
-    fireEvent.click(screen.getByTestId('reset'));
-
-    expect(onReset).toHaveBeenCalled();
-  });
-
-  it('calls closeModal when the cancel button is clicked', () => {
-    render(<Footer closeModal={closeModal} onReset={onReset} onSave={onSave} />);
-
-    fireEvent.click(screen.getByTestId('cancel'));
-
-    expect(closeModal).toHaveBeenCalled();
-  });
-
-  it('calls onSave when the save button is clicked', () => {
-    render(<Footer closeModal={closeModal} onReset={onReset} onSave={onSave} />);
-    fireEvent.click(screen.getByTestId('save'));
-
-    expect(onSave).toHaveBeenCalled();
-  });
-});
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/footer/index.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/footer/index.tsx
deleted file mode 100644
index 4acbd4d98990f..0000000000000
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/footer/index.tsx
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import { EuiButton, EuiButtonEmpty, EuiFlexGroup, EuiFlexItem, useEuiTheme } from '@elastic/eui';
-import { css } from '@emotion/react';
-import React from 'react';
-
-import * as i18n from '../translations';
-
-interface Props {
-  closeModal: () => void;
-  onReset: () => void;
-  onSave: () => void;
-}
-
-const FooterComponent: React.FC<Props> = ({ closeModal, onReset, onSave }) => {
-  const { euiTheme } = useEuiTheme();
-
-  return (
-    <EuiFlexGroup alignItems="center" gutterSize="none" justifyContent="spaceBetween">
-      <EuiFlexItem grow={false}>
-        <EuiButtonEmpty data-test-subj="reset" flush="both" onClick={onReset} size="s">
-          {i18n.RESET}
-        </EuiButtonEmpty>
-      </EuiFlexItem>
-
-      <EuiFlexItem grow={false}>
-        <EuiFlexGroup alignItems="center" gutterSize="none">
-          <EuiFlexItem
-            css={css`
-              margin-right: ${euiTheme.size.s};
-            `}
-            grow={false}
-          >
-            <EuiButtonEmpty data-test-subj="cancel" onClick={closeModal} size="s">
-              {i18n.CANCEL}
-            </EuiButtonEmpty>
-          </EuiFlexItem>
-
-          <EuiFlexItem grow={false}>
-            <EuiButton data-test-subj="save" fill onClick={onSave} size="s">
-              {i18n.SAVE}
-            </EuiButton>
-          </EuiFlexItem>
-        </EuiFlexGroup>
-      </EuiFlexItem>
-    </EuiFlexGroup>
-  );
-};
-
-FooterComponent.displayName = 'Footer';
-
-export const Footer = React.memo(FooterComponent);
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/index.test.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/index.test.tsx
deleted file mode 100644
index d1d7fc9c603cb..0000000000000
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/index.test.tsx
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import { DEFAULT_ATTACK_DISCOVERY_MAX_ALERTS } from '@kbn/elastic-assistant';
-import { fireEvent, render, screen, waitFor } from '@testing-library/react';
-import React from 'react';
-
-import { SettingsModal } from '.';
-import { MAX_ALERTS } from './alerts_settings';
-
-const defaultProps = {
-  connectorId: undefined,
-  isLoading: false,
-  localStorageAttackDiscoveryMaxAlerts: undefined,
-  setLocalStorageAttackDiscoveryMaxAlerts: jest.fn(),
-};
-
-describe('SettingsModal', () => {
-  beforeEach(() => jest.clearAllMocks());
-
-  it('opens the modal when the settings button is clicked', () => {
-    render(<SettingsModal {...defaultProps} />);
-
-    fireEvent.click(screen.getByTestId('settings'));
-
-    expect(screen.getByTestId('modal')).toBeInTheDocument();
-  });
-
-  it('closes the modal when the close button is clicked', () => {
-    render(<SettingsModal {...defaultProps} />);
-
-    fireEvent.click(screen.getByTestId('settings'));
-    expect(screen.getByTestId('modal')).toBeInTheDocument();
-
-    fireEvent.click(screen.getByTestId('cancel'));
-    expect(screen.queryByTestId('modal')).not.toBeInTheDocument();
-  });
-
-  it('calls onSave when save button is clicked', () => {
-    render(<SettingsModal {...defaultProps} />);
-
-    fireEvent.click(screen.getByTestId('settings'));
-    fireEvent.click(screen.getByText(`${MAX_ALERTS}`));
-
-    fireEvent.click(screen.getByTestId('save'));
-
-    expect(defaultProps.setLocalStorageAttackDiscoveryMaxAlerts).toHaveBeenCalledWith(
-      `${MAX_ALERTS}`
-    );
-  });
-
-  it('resets max alerts to the default when the reset button is clicked', async () => {
-    render(<SettingsModal {...defaultProps} />);
-
-    fireEvent.click(screen.getByTestId('settings'));
-
-    fireEvent.click(screen.getByText(`${MAX_ALERTS}`));
-    await waitFor(() => expect(screen.getByTestId('alertsRange')).toHaveValue(`${MAX_ALERTS}`));
-
-    fireEvent.click(screen.getByTestId('reset'));
-
-    await waitFor(() =>
-      expect(screen.getByTestId('alertsRange')).toHaveValue(
-        `${DEFAULT_ATTACK_DISCOVERY_MAX_ALERTS}`
-      )
-    );
-  });
-});
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/index.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/index.tsx
deleted file mode 100644
index dfe119e056a6b..0000000000000
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/index.tsx
+++ /dev/null
@@ -1,158 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import {
-  EuiButtonIcon,
-  EuiModal,
-  EuiModalBody,
-  EuiModalFooter,
-  EuiModalHeader,
-  EuiModalHeaderTitle,
-  EuiText,
-  EuiToolTip,
-  EuiTourStep,
-  useGeneratedHtmlId,
-} from '@elastic/eui';
-import {
-  ATTACK_DISCOVERY_STORAGE_KEY,
-  DEFAULT_ASSISTANT_NAMESPACE,
-  DEFAULT_ATTACK_DISCOVERY_MAX_ALERTS,
-  SHOW_SETTINGS_TOUR_LOCAL_STORAGE_KEY,
-} from '@kbn/elastic-assistant';
-import React, { useCallback, useEffect, useMemo, useState } from 'react';
-import useLocalStorage from 'react-use/lib/useLocalStorage';
-
-import { AlertsSettings } from './alerts_settings';
-import { Footer } from '../../settings_flyout/footer';
-import { getIsTourEnabled } from './is_tour_enabled';
-import * as i18n from './translations';
-
-interface Props {
-  connectorId: string | undefined;
-  isLoading: boolean;
-  localStorageAttackDiscoveryMaxAlerts: string | undefined;
-  setLocalStorageAttackDiscoveryMaxAlerts: React.Dispatch<React.SetStateAction<string | undefined>>;
-}
-
-const SettingsModalComponent: React.FC<Props> = ({
-  connectorId,
-  isLoading,
-  localStorageAttackDiscoveryMaxAlerts,
-  setLocalStorageAttackDiscoveryMaxAlerts,
-}) => {
-  const modalTitleId = useGeneratedHtmlId();
-
-  const [maxAlerts, setMaxAlerts] = useState(
-    localStorageAttackDiscoveryMaxAlerts ?? `${DEFAULT_ATTACK_DISCOVERY_MAX_ALERTS}`
-  );
-
-  const [isModalVisible, setIsModalVisible] = useState(false);
-  const showModal = useCallback(() => {
-    setMaxAlerts(localStorageAttackDiscoveryMaxAlerts ?? `${DEFAULT_ATTACK_DISCOVERY_MAX_ALERTS}`);
-
-    setIsModalVisible(true);
-  }, [localStorageAttackDiscoveryMaxAlerts]);
-  const closeModal = useCallback(() => setIsModalVisible(false), []);
-
-  const onReset = useCallback(() => setMaxAlerts(`${DEFAULT_ATTACK_DISCOVERY_MAX_ALERTS}`), []);
-
-  const onSave = useCallback(() => {
-    setLocalStorageAttackDiscoveryMaxAlerts(maxAlerts);
-    closeModal();
-  }, [closeModal, maxAlerts, setLocalStorageAttackDiscoveryMaxAlerts]);
-
-  const [showSettingsTour, setShowSettingsTour] = useLocalStorage<boolean>(
-    `${DEFAULT_ASSISTANT_NAMESPACE}.${ATTACK_DISCOVERY_STORAGE_KEY}.${SHOW_SETTINGS_TOUR_LOCAL_STORAGE_KEY}.v8.16`,
-    true
-  );
-  const onTourFinished = useCallback(() => setShowSettingsTour(() => false), [setShowSettingsTour]);
-  const [tourDelayElapsed, setTourDelayElapsed] = useState(false);
-
-  useEffect(() => {
-    // visible EuiTourStep anchors don't follow the button when the layout changes (i.e. when the connectors finish loading)
-    const timeout = setTimeout(() => setTourDelayElapsed(true), 10000);
-    return () => clearTimeout(timeout);
-  }, []);
-
-  const onSettingsClicked = useCallback(() => {
-    showModal();
-    setShowSettingsTour(() => false);
-  }, [setShowSettingsTour, showModal]);
-
-  const SettingsButton = useMemo(
-    () => (
-      <EuiToolTip content={i18n.SETTINGS}>
-        <EuiButtonIcon
-          aria-label={i18n.SETTINGS}
-          data-test-subj="settings"
-          iconType="gear"
-          onClick={onSettingsClicked}
-        />
-      </EuiToolTip>
-    ),
-    [onSettingsClicked]
-  );
-
-  const isTourEnabled = getIsTourEnabled({
-    connectorId,
-    isLoading,
-    tourDelayElapsed,
-    showSettingsTour,
-  });
-
-  return (
-    <>
-      {isTourEnabled ? (
-        <EuiTourStep
-          anchorPosition="downCenter"
-          content={
-            <>
-              <EuiText size="s">
-                <p>
-                  <span>{i18n.ATTACK_DISCOVERY_SENDS_MORE_ALERTS}</span>
-                  <br />
-                  <span>{i18n.CONFIGURE_YOUR_SETTINGS_HERE}</span>
-                </p>
-              </EuiText>
-            </>
-          }
-          isStepOpen={showSettingsTour}
-          minWidth={300}
-          onFinish={onTourFinished}
-          step={1}
-          stepsTotal={1}
-          subtitle={i18n.RECENT_ATTACK_DISCOVERY_IMPROVEMENTS}
-          title={i18n.SEND_MORE_ALERTS}
-        >
-          {SettingsButton}
-        </EuiTourStep>
-      ) : (
-        <>{SettingsButton}</>
-      )}
-
-      {isModalVisible && (
-        <EuiModal aria-labelledby={modalTitleId} data-test-subj="modal" onClose={closeModal}>
-          <EuiModalHeader>
-            <EuiModalHeaderTitle id={modalTitleId}>{i18n.SETTINGS}</EuiModalHeaderTitle>
-          </EuiModalHeader>
-
-          <EuiModalBody>
-            <AlertsSettings maxAlerts={maxAlerts} setMaxAlerts={setMaxAlerts} />
-          </EuiModalBody>
-
-          <EuiModalFooter>
-            <Footer closeModal={closeModal} onReset={onReset} onSave={onSave} />
-          </EuiModalFooter>
-        </EuiModal>
-      )}
-    </>
-  );
-};
-
-SettingsModalComponent.displayName = 'SettingsModal';
-
-export const SettingsModal = React.memo(SettingsModalComponent);
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/is_tour_enabled/index.test.ts b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/is_tour_enabled/index.test.ts
deleted file mode 100644
index 831bacca4b8e6..0000000000000
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/is_tour_enabled/index.test.ts
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import { getIsTourEnabled } from '.';
-
-describe('getIsTourEnabled', () => {
-  it('returns true when all conditions are met', () => {
-    const result = getIsTourEnabled({
-      connectorId: 'test-connector-id',
-      isLoading: false,
-      tourDelayElapsed: true,
-      showSettingsTour: true,
-    });
-
-    expect(result).toBe(true);
-  });
-
-  it('returns false when isLoading is true', () => {
-    const result = getIsTourEnabled({
-      connectorId: 'test-connector-id',
-      isLoading: true, // <-- don't show the tour during loading
-      tourDelayElapsed: true,
-      showSettingsTour: true,
-    });
-
-    expect(result).toBe(false);
-  });
-
-  it("returns false when connectorId is undefined because it hasn't loaded from storage", () => {
-    const result = getIsTourEnabled({
-      connectorId: undefined, // <-- don't show the tour if there is no connectorId
-      isLoading: false,
-      tourDelayElapsed: true,
-      showSettingsTour: true,
-    });
-
-    expect(result).toBe(false);
-  });
-
-  it('returns false when tourDelayElapsed is false', () => {
-    const result = getIsTourEnabled({
-      connectorId: 'test-connector-id',
-      isLoading: false,
-      tourDelayElapsed: false, // <-- don't show the tour if the delay hasn't elapsed
-      showSettingsTour: true,
-    });
-
-    expect(result).toBe(false);
-  });
-
-  it('returns false when showSettingsTour is false', () => {
-    const result = getIsTourEnabled({
-      connectorId: 'test-connector-id',
-      isLoading: false,
-      tourDelayElapsed: true,
-      showSettingsTour: false, // <-- don't show the tour if it's disabled
-    });
-
-    expect(result).toBe(false);
-  });
-
-  it("returns false when showSettingsTour is undefined because it hasn't loaded from storage", () => {
-    const result = getIsTourEnabled({
-      connectorId: 'test-connector-id',
-      isLoading: false,
-      tourDelayElapsed: true,
-      showSettingsTour: undefined, // <-- don't show the tour if it's undefined
-    });
-
-    expect(result).toBe(false);
-  });
-});
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/is_tour_enabled/index.ts b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/is_tour_enabled/index.ts
deleted file mode 100644
index 7f2f356114902..0000000000000
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/is_tour_enabled/index.ts
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-export const getIsTourEnabled = ({
-  connectorId,
-  isLoading,
-  tourDelayElapsed,
-  showSettingsTour,
-}: {
-  connectorId: string | undefined;
-  isLoading: boolean;
-  tourDelayElapsed: boolean;
-  showSettingsTour: boolean | undefined;
-}): boolean => !isLoading && connectorId != null && tourDelayElapsed && !!showSettingsTour;
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/translations.ts b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/translations.ts
deleted file mode 100644
index dc42db84f2d8a..0000000000000
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/header/settings_modal/translations.ts
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import { i18n } from '@kbn/i18n';
-
-export const ALERTS = i18n.translate(
-  'xpack.securitySolution.attackDiscovery.settingsModal.alertsLabel',
-  {
-    defaultMessage: 'Alerts',
-  }
-);
-
-export const ATTACK_DISCOVERY_SENDS_MORE_ALERTS = i18n.translate(
-  'xpack.securitySolution.attackDiscovery.settingsModal.attackDiscoverySendsMoreAlertsTourText',
-  {
-    defaultMessage: 'Attack discovery sends more alerts as context.',
-  }
-);
-
-export const CANCEL = i18n.translate(
-  'xpack.securitySolution.attackDiscovery.settingsModal.cancelButton',
-  {
-    defaultMessage: 'Cancel',
-  }
-);
-
-export const CONFIGURE_YOUR_SETTINGS_HERE = i18n.translate(
-  'xpack.securitySolution.attackDiscovery.settingsModal.configureYourSettingsHereTourText',
-  {
-    defaultMessage: 'Configure your settings here.',
-  }
-);
-
-export const LATEST_AND_RISKIEST_OPEN_ALERTS = (alertsCount: number) =>
-  i18n.translate(
-    'xpack.securitySolution.attackDiscovery.settingsModal.latestAndRiskiestOpenAlertsLabel',
-    {
-      defaultMessage:
-        'Send Attack discovery information about your {alertsCount} newest and riskiest open or acknowledged alerts.',
-      values: { alertsCount },
-    }
-  );
-
-export const SAVE = i18n.translate(
-  'xpack.securitySolution.attackDiscovery.settingsModal.saveButton',
-  {
-    defaultMessage: 'Save',
-  }
-);
-
-export const SEND_MORE_ALERTS = i18n.translate(
-  'xpack.securitySolution.attackDiscovery.settingsModal.tourTitle',
-  {
-    defaultMessage: 'Send more alerts',
-  }
-);
-
-export const SETTINGS = i18n.translate(
-  'xpack.securitySolution.attackDiscovery.settingsModal.settingsLabel',
-  {
-    defaultMessage: 'Settings',
-  }
-);
-
-export const RECENT_ATTACK_DISCOVERY_IMPROVEMENTS = i18n.translate(
-  'xpack.securitySolution.attackDiscovery.settingsModal.tourSubtitle',
-  {
-    defaultMessage: 'Recent Attack discovery improvements',
-  }
-);
-
-export const RESET = i18n.translate(
-  'xpack.securitySolution.attackDiscovery.settingsModal.resetLabel',
-  {
-    defaultMessage: 'Reset',
-  }
-);
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/index.test.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/index.test.tsx
index 3b593d767a730..df6e787ad6915 100644
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/index.test.tsx
+++ b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/index.test.tsx
@@ -9,7 +9,6 @@ import { mockCasesContext } from '@kbn/cases-plugin/public/mocks/mock_cases_cont
 import { dataViewPluginMocks } from '@kbn/data-views-plugin/public/mocks';
 import { createFilterManagerMock } from '@kbn/data-plugin/public/query/filter_manager/filter_manager.mock';
 import { createStubDataView } from '@kbn/data-views-plugin/common/data_view.stub';
-import { defaultAssistantFeatures } from '@kbn/elastic-assistant-common';
 import { UpsellingService } from '@kbn/security-solution-upselling/service';
 import { Router } from '@kbn/shared-ux-router';
 import { fireEvent, render, screen } from '@testing-library/react';
@@ -39,18 +38,6 @@ const mockConnectors: unknown[] = [
   },
 ];
 
-jest.mock('@kbn/elastic-assistant-common', () => {
-  const original = jest.requireActual('@kbn/elastic-assistant-common');
-
-  return {
-    ...original,
-    defaultAssistantFeatures: {
-      ...original.defaultAssistantFeatures,
-      attackDiscoveryAlertFiltering: jest.mocked<boolean>(false), // <-- feature flag is off by default
-    },
-  };
-});
-
 jest.mock('react-use/lib/useLocalStorage', () => jest.fn().mockReturnValue(['test-id', jest.fn()]));
 jest.mock('react-use/lib/useSessionStorage', () =>
   jest.fn().mockReturnValue([undefined, jest.fn()])
@@ -223,8 +210,6 @@ describe('AttackDiscovery', () => {
     });
 
     (useLocalStorage as jest.Mock).mockReturnValue(['test-id', jest.fn()]);
-
-    (defaultAssistantFeatures.attackDiscoveryAlertFiltering as jest.Mocked<boolean>) = false; // reset feature flag to off
   });
 
   describe('page layout', () => {
@@ -518,7 +503,7 @@ describe('AttackDiscovery', () => {
     });
   });
 
-  describe('when the attackDiscoveryAlertFiltering feature flag is off', () => {
+  describe('Alerts filtering feature', () => {
     beforeEach(() => {
       render(
         <TestProviders>
@@ -531,32 +516,6 @@ describe('AttackDiscovery', () => {
       );
     });
 
-    it('invokes fetchAttackDiscoveries with just the size parameter when the generate button is clicked', () => {
-      const generate = screen.getAllByTestId('generate');
-
-      fireEvent.click(generate[0]);
-
-      expect(
-        (useAttackDiscovery as jest.Mock)().fetchAttackDiscoveries as jest.Mock
-      ).toHaveBeenCalledWith({ size: 20 });
-    });
-  });
-
-  describe('when the attackDiscoveryAlertFiltering feature flag is on', () => {
-    beforeEach(() => {
-      (defaultAssistantFeatures.attackDiscoveryAlertFiltering as jest.Mocked<boolean>) = true; // <-- feature flag is on
-
-      render(
-        <TestProviders>
-          <Router history={historyMock}>
-            <UpsellingProvider upsellingService={mockUpselling}>
-              <AttackDiscoveryPage />
-            </UpsellingProvider>
-          </Router>
-        </TestProviders>
-      );
-    });
-
     it('invokes fetchAttackDiscoveries with the end, filter, size, and start parameters when the generate button is clicked,', () => {
       const generate = screen.getAllByTestId('generate');
 
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/index.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/index.tsx
index 4c7bea69950b2..83337a6531910 100644
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/index.tsx
+++ b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/index.tsx
@@ -52,10 +52,7 @@ const AttackDiscoveryPageComponent: React.FC = () => {
     services: { uiSettings },
   } = useKibana();
 
-  const {
-    assistantFeatures: { attackDiscoveryAlertFiltering },
-    http,
-  } = useAssistantContext();
+  const { http } = useAssistantContext();
   const { data: aiConnectors } = useLoadConnectors({
     http,
   });
@@ -209,23 +206,13 @@ const AttackDiscoveryPageComponent: React.FC = () => {
     const size = alertsContextCount ?? DEFAULT_ATTACK_DISCOVERY_MAX_ALERTS;
     const filter = parseFilterQuery({ filterQuery, kqlError });
 
-    return attackDiscoveryAlertFiltering // feature flag enabled?
-      ? fetchAttackDiscoveries({
-          end,
-          filter, // <-- combined search bar query and filters
-          size,
-          start,
-        })
-      : fetchAttackDiscoveries({ size }); // <-- NO filtering / time ranges, feature flag is off
-  }, [
-    alertsContextCount,
-    attackDiscoveryAlertFiltering,
-    end,
-    fetchAttackDiscoveries,
-    filterQuery,
-    kqlError,
-    start,
-  ]);
+    return fetchAttackDiscoveries({
+      end,
+      filter, // <-- combined search bar query and filters
+      size,
+      start,
+    });
+  }, [alertsContextCount, end, fetchAttackDiscoveries, filterQuery, kqlError, start]);
 
   useEffect(() => {
     setSelectedConnectorReplacements(replacements);
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/loading_callout/loading_messages/index.test.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/loading_callout/loading_messages/index.test.tsx
index 0d48ae13291b0..5c69d07f32084 100644
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/loading_callout/loading_messages/index.test.tsx
+++ b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/loading_callout/loading_messages/index.test.tsx
@@ -5,48 +5,18 @@
  * 2.0.
  */
 
-import { defaultAssistantFeatures } from '@kbn/elastic-assistant-common';
 import { render, screen } from '@testing-library/react';
 import React from 'react';
 
 import { LoadingMessages } from '.';
 import { TestProviders } from '../../../../common/mock';
 
-jest.mock('@kbn/elastic-assistant-common', () => {
-  const original = jest.requireActual('@kbn/elastic-assistant-common');
-
-  return {
-    ...original,
-    defaultAssistantFeatures: {
-      ...original.defaultAssistantFeatures,
-      attackDiscoveryAlertFiltering: jest.mocked<boolean>(false), // <-- feature flag is off by default
-    },
-  };
-});
-
 describe('LoadingMessages', () => {
   beforeEach(() => {
     jest.clearAllMocks();
-
-    (defaultAssistantFeatures.attackDiscoveryAlertFiltering as jest.Mocked<boolean>) = false; // reset feature flag to off
   });
 
-  it('renders the expected loading message, when the attackDiscoveryAlertFiltering feature flag is off', () => {
-    render(
-      <TestProviders>
-        <LoadingMessages alertsContextCount={20} localStorageAttackDiscoveryMaxAlerts={undefined} />
-      </TestProviders>
-    );
-    const aiCurrentlyAnalyzing = screen.getByTestId('aisCurrentlyAnalyzing');
-
-    expect(aiCurrentlyAnalyzing).toHaveTextContent(
-      'AI is analyzing up to 20 alerts in the last 24 hours to generate discoveries.'
-    );
-  });
-
-  it('renders a special-case loading message for the default relative range (of the last 24 hours), when attackDiscoveryAlertFiltering is on', () => {
-    (defaultAssistantFeatures.attackDiscoveryAlertFiltering as jest.Mocked<boolean>) = true; // <-- feature flag is on
-
+  it('renders a special-case loading message for the default relative range (of the last 24 hours)', () => {
     render(
       <TestProviders>
         <LoadingMessages
@@ -64,9 +34,7 @@ describe('LoadingMessages', () => {
     );
   });
 
-  it('renders the expected loading message for a NON-default relative date range, when attackDiscoveryAlertFiltering is on', () => {
-    (defaultAssistantFeatures.attackDiscoveryAlertFiltering as jest.Mocked<boolean>) = true;
-
+  it('renders the expected loading message for a NON-default relative date range', () => {
     render(
       <TestProviders>
         <LoadingMessages
@@ -84,9 +52,7 @@ describe('LoadingMessages', () => {
     );
   });
 
-  it('renders the expected loading message for an absolute date range, when attackDiscoveryAlertFiltering is on', () => {
-    (defaultAssistantFeatures.attackDiscoveryAlertFiltering as jest.Mocked<boolean>) = true;
-
+  it('renders the expected loading message for an absolute date range', () => {
     render(
       <TestProviders>
         <LoadingMessages
@@ -105,8 +71,6 @@ describe('LoadingMessages', () => {
   });
 
   it('renders the expected loading message with the default max alerts (from local storage) when alertsContextCount is null', () => {
-    (defaultAssistantFeatures.attackDiscoveryAlertFiltering as jest.Mocked<boolean>) = true;
-
     render(
       <TestProviders>
         <LoadingMessages
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/loading_callout/loading_messages/index.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/loading_callout/loading_messages/index.tsx
index 5552e44d88df4..5032bba1721d4 100644
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/loading_callout/loading_messages/index.tsx
+++ b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/loading_callout/loading_messages/index.tsx
@@ -7,7 +7,7 @@
 
 import { EuiFlexGroup, EuiFlexItem, EuiText } from '@elastic/eui';
 import { css } from '@emotion/react';
-import { DEFAULT_ATTACK_DISCOVERY_MAX_ALERTS, useAssistantContext } from '@kbn/elastic-assistant';
+import { DEFAULT_ATTACK_DISCOVERY_MAX_ALERTS } from '@kbn/elastic-assistant';
 
 import React from 'react';
 
@@ -32,10 +32,6 @@ const LoadingMessagesComponent: React.FC<Props> = ({
   localStorageAttackDiscoveryMaxAlerts,
   start,
 }) => {
-  const {
-    assistantFeatures: { attackDiscoveryAlertFiltering },
-  } = useAssistantContext();
-
   const { theme } = useKibana().services;
   const dateFormat = useDateFormat();
 
@@ -55,13 +51,11 @@ const LoadingMessagesComponent: React.FC<Props> = ({
     localStorageAttackDiscoveryMaxAlerts,
   });
 
-  const loadingMessage = attackDiscoveryAlertFiltering
-    ? getLoadingMessage({
-        alertsCount,
-        end: formattedEnd,
-        start: formattedStart,
-      })
-    : getLoadingMessage({ alertsCount }); // <-- NO time range, feature flag is off
+  const loadingMessage = getLoadingMessage({
+    alertsCount,
+    end: formattedEnd,
+    start: formattedStart,
+  });
 
   const isDarkMode = theme.getTheme().darkMode === true;
 
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/settings_flyout/footer/index.tsx b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/settings_flyout/footer/index.tsx
index 295e56120b854..c36dd3e8ed8dd 100644
--- a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/settings_flyout/footer/index.tsx
+++ b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/settings_flyout/footer/index.tsx
@@ -9,7 +9,7 @@ import { EuiButton, EuiButtonEmpty, EuiFlexGroup, EuiFlexItem, useEuiTheme } fro
 import { css } from '@emotion/react';
 import React from 'react';
 
-import * as i18n from '../../header/settings_modal/translations';
+import * as i18n from './translations';
 
 interface Props {
   closeModal: () => void;
diff --git a/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/settings_flyout/footer/translations.ts b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/settings_flyout/footer/translations.ts
new file mode 100644
index 0000000000000..e68adffe218eb
--- /dev/null
+++ b/x-pack/solutions/security/plugins/security_solution/public/attack_discovery/pages/settings_flyout/footer/translations.ts
@@ -0,0 +1,29 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { i18n } from '@kbn/i18n';
+
+export const CANCEL = i18n.translate(
+  'xpack.securitySolution.attackDiscovery.settingsFlyout.cancelButton',
+  {
+    defaultMessage: 'Cancel',
+  }
+);
+
+export const SAVE = i18n.translate(
+  'xpack.securitySolution.attackDiscovery.settingsFlyout.saveButton',
+  {
+    defaultMessage: 'Save',
+  }
+);
+
+export const RESET = i18n.translate(
+  'xpack.securitySolution.attackDiscovery.settingsFlyout.resetLabel',
+  {
+    defaultMessage: 'Reset',
+  }
+);
diff --git a/x-pack/solutions/security/plugins/security_solution/server/plugin.ts b/x-pack/solutions/security/plugins/security_solution/server/plugin.ts
index 93ee94f6b3944..a655b777760e1 100644
--- a/x-pack/solutions/security/plugins/security_solution/server/plugin.ts
+++ b/x-pack/solutions/security/plugins/security_solution/server/plugin.ts
@@ -602,7 +602,6 @@ export class Plugin implements ISecuritySolutionPlugin {
     plugins.elasticAssistant.registerTools(APP_UI_ID, assistantTools);
     const features = {
       assistantModelEvaluation: config.experimentalFeatures.assistantModelEvaluation,
-      attackDiscoveryAlertFiltering: config.experimentalFeatures.attackDiscoveryAlertFiltering,
       contentReferencesEnabled: config.experimentalFeatures.contentReferencesEnabled,
     };
     plugins.elasticAssistant.registerFeatures(APP_UI_ID, features);