diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts
index 08e33351708970..362c368881b37f 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.test.ts
@@ -131,9 +131,6 @@ describe('buildBulkBody', () => {
           created_at: fakeSignalSourceHit.signal.rule?.created_at,
           updated_at: fakeSignalSourceHit.signal.rule?.updated_at,
           exceptions_list: getListArrayMock(),
-          threat_filters: [],
-          threat_index: [],
-          threat_mapping: [],
         },
         depth: 1,
       },
@@ -256,9 +253,6 @@ describe('buildBulkBody', () => {
           created_at: fakeSignalSourceHit.signal.rule?.created_at,
           updated_at: fakeSignalSourceHit.signal.rule?.updated_at,
           exceptions_list: getListArrayMock(),
-          threat_filters: [],
-          threat_index: [],
-          threat_mapping: [],
         },
         threshold_result: {
           terms: [
@@ -380,9 +374,6 @@ describe('buildBulkBody', () => {
           throttle: 'no_actions',
           threat: [],
           exceptions_list: getListArrayMock(),
-          threat_filters: [],
-          threat_index: [],
-          threat_mapping: [],
         },
         depth: 1,
       },
@@ -494,9 +485,6 @@ describe('buildBulkBody', () => {
           updated_at: fakeSignalSourceHit.signal.rule?.updated_at,
           throttle: 'no_actions',
           exceptions_list: getListArrayMock(),
-          threat_filters: [],
-          threat_index: [],
-          threat_mapping: [],
         },
         depth: 1,
       },
@@ -601,9 +589,6 @@ describe('buildBulkBody', () => {
           created_at: fakeSignalSourceHit.signal.rule?.created_at,
           throttle: 'no_actions',
           exceptions_list: getListArrayMock(),
-          threat_filters: [],
-          threat_index: [],
-          threat_mapping: [],
         },
         depth: 1,
       },
@@ -707,9 +692,6 @@ describe('buildBulkBody', () => {
           created_at: fakeSignalSourceHit.signal.rule?.created_at,
           throttle: 'no_actions',
           exceptions_list: getListArrayMock(),
-          threat_filters: [],
-          threat_index: [],
-          threat_mapping: [],
         },
         depth: 1,
       },
@@ -813,9 +795,6 @@ describe('buildBulkBody', () => {
           created_at: fakeSignalSourceHit.signal.rule?.created_at,
           throttle: 'no_actions',
           exceptions_list: getListArrayMock(),
-          threat_filters: [],
-          threat_index: [],
-          threat_mapping: [],
         },
         depth: 1,
       },
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts
index 40cc15786392c1..48e04df3704ab1 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.test.ts
@@ -105,9 +105,6 @@ describe('buildRule', () => {
       ],
       exceptions_list: getListArrayMock(),
       version: 1,
-      threat_filters: [],
-      threat_index: [],
-      threat_mapping: [],
     };
     expect(rule).toEqual(expected);
   });
@@ -166,9 +163,6 @@ describe('buildRule', () => {
       created_at: rule.created_at,
       throttle: 'no_actions',
       exceptions_list: getListArrayMock(),
-      threat_filters: [],
-      threat_index: [],
-      threat_mapping: [],
     };
     expect(rule).toEqual(expected);
   });
@@ -227,9 +221,6 @@ describe('buildRule', () => {
       created_at: rule.created_at,
       throttle: 'no_actions',
       exceptions_list: getListArrayMock(),
-      threat_filters: [],
-      threat_index: [],
-      threat_mapping: [],
     };
     expect(rule).toEqual(expected);
   });
@@ -292,9 +283,6 @@ describe('buildRule', () => {
       throttle: 'no_actions',
       exceptions_list: getListArrayMock(),
       version: 1,
-      threat_filters: [],
-      threat_index: [],
-      threat_mapping: [],
     };
     expect(rule).toEqual(expected);
   });
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.ts
index 167724836e01c1..0681a5dddb127a 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_rule.ts
@@ -64,9 +64,14 @@ export const buildRule = ({
     ruleNameMapping: ruleParams.ruleNameOverride,
   });
 
-  const meta = { ...ruleParams.meta, ...riskScoreMeta, ...severityMeta, ...ruleNameMeta };
+  const meta: RulesSchema['meta'] = {
+    ...ruleParams.meta,
+    ...riskScoreMeta,
+    ...severityMeta,
+    ...ruleNameMeta,
+  };
 
-  const rule = {
+  const rule: RulesSchema = {
     id,
     rule_id: ruleParams.ruleId ?? '(unknown rule_id)',
     actions,
@@ -103,11 +108,11 @@ export const buildRule = ({
     created_by: createdBy,
     updated_by: updatedBy,
     threat: ruleParams.threat ?? [],
-    threat_mapping: ruleParams.threatMapping ?? [],
-    threat_filters: ruleParams.threatFilters ?? [],
+    threat_mapping: ruleParams.threatMapping,
+    threat_filters: ruleParams.threatFilters,
     threat_indicator_path: ruleParams.threatIndicatorPath,
     threat_query: ruleParams.threatQuery,
-    threat_index: ruleParams.threatIndex ?? [],
+    threat_index: ruleParams.threatIndex,
     threat_language: ruleParams.threatLanguage,
     timestamp_override: ruleParams.timestampOverride,
     throttle,