﻿---
title: Security Solution settings in Kibana
description: 
url: https://www.elastic.co/elastic/docs-builder/docs/3608/reference/kibana/configuration-reference/security-solution-settings
products:
  - Kibana
applies_to:
  - Self-managed Elastic deployments: Generally available
---

# Security Solution settings in Kibana
Configure the following Security Solution settings in the `kibana.yml` file:

## Cloud Security Posture settings
<definitions>
  <definition term="xpack.cloudSecurityPosture.enabled">
    <stack-availability>Elastic Stack: Generally available since 8.3</stack-availability>
    <supported-on>Elastic Cloud Hosted: Generally available, Self-managed Elastic deployments: Generally available</supported-on>

Set to `false` to disable the Kibana UI for Elastic's Cloud Security Posture solution, which provides compliance checks on Cloud and Kubernetes environments.
Datatype: `bool`
Default: `true`
  </definition>
</definitions>

## Value lists settings
<definitions>
  <definition term="xpack.lists.maxImportPayloadBytes">
    <supported-on>Elastic Cloud Hosted: Generally available, Self-managed Elastic deployments: Generally available</supported-on>

Sets the maximum number of bytes allowed for uploading Security Solution [value lists](https://www.elastic.co/docs/solutions/security/detect-and-alert/value-lists-exceptions). For every 10 MB, it is recommended to have an additional 1 GB of RAM reserved for Kibana.
Datatype: `int`
Default: `9000000`
  </definition>
  <definition term="xpack.lists.importBufferSize">
    <supported-on>Elastic Cloud Hosted: Generally available, Self-managed Elastic deployments: Generally available</supported-on>

Sets the buffer size used for uploading Security Solution [value lists](https://www.elastic.co/docs/solutions/security/detect-and-alert/value-lists-exceptions). Increase the value to improve upload throughput at the expense of higher Kibana memory usage; decrease it to reduce memory usage at the cost of throughput.
Datatype: `int`
Default: `1000`
  </definition>
</definitions>

## Elastic Defend settings
<definitions>
  <definition term="xpack.securitySolution.maxUploadResponseActionFileBytes">
    <stack-availability>Elastic Stack: Generally available since 8.9</stack-availability>
    <supported-on>Elastic Cloud Hosted: Generally available, Self-managed Elastic deployments: Generally available</supported-on>

Allow to configure the max file upload size for use with the Upload File Response action available with the Defend Integration. To learn more, check [Endpoint Response actions](https://www.elastic.co/docs/solutions/security/endpoint-response-actions).
Datatype: `int`
  </definition>
  <definition term="xpack.securitySolution.disableEndpointRuleAutoInstall">
    <stack-availability>Elastic Stack: Generally available since 9.2.4</stack-availability>
    <supported-on>Elastic Cloud Hosted: Generally available, Self-managed Elastic deployments: Generally available</supported-on>

Set to `true` to disable the automatic installation of Elastic Defend SIEM rules when a new Endpoint integration policy is created.
Datatype: `bool`
Default: `false`
  </definition>
  <definition term="xpack.securitySolution.maxEndpointScriptFileSize">
    <stack-availability>Elastic Stack: Generally available since 9.4</stack-availability>
    <supported-on>Elastic Cloud Hosted: Generally available, Self-managed Elastic deployments: Generally available</supported-on>

The maximum file size in bytes for scripts uploaded to the Elastic Defend script library. Default is `26214400` (25MB).
Datatype: `int`
Default: `26214400`
  </definition>
</definitions>

## Experimental features
<definitions>
  <definition term="xpack.securitySolution.enableExperimental">
    <supported-on>Elastic Cloud Hosted: Generally available, Self-managed Elastic deployments: Generally available</supported-on>

A list of experimental feature flags to enable.
Datatype: `array of strings`

<note>
  Experimental features should not be enabled in production environments. Experimental features may be changed or removed completely in future releases. Elastic will make a best effort to fix any issues, but experimental features are not supported to the same level as generally available (GA) features.
</note>


```yaml
xpack.securitySolution.enableExperimental:
  - sentinelRulesMigration
```

  </definition>
</definitions>