[Internal]: Endpoint exceptions no longer running in Detection Engine

[yctercero]

Description

Defend Workflows is taking ownership of Endpoint Exceptions. There will be a bunch of UI/UX changes that I'm sure they're already working with docs on. Specific to Detection Engine, however, we will no longer include endpoint exceptions within the Detection Engine logic. In other words, these exceptions will now just be utilized on endpoints.

We need to document this change for the user.

Resources

See ticket: https://github.com/elastic/security-team/issues/13777

Which documentation set does this change impact?

Elastic On-Prem and Cloud (all)

Feature differences

See description.

What release is this request related to?

9.2

Serverless release

Unsure.

Collaboration model

The documentation team

Point of contact.

Main contact: @yctercero

Stakeholders: @approksiu @nkhristinin @dasansol92

[natasha-moore-elastic]

Hi @dasansol92, could you provide more details on the UI/UX changes made to Endpoint Exceptions from the Defend Workflows team's side? 🙏 Feel free to comment here or open a new doc issue, whatever is easier.
We'll also need an environment where we can see and test out the changes.
Thanks!

[dasansol92]

Hey @natasha-moore-elastic , this is not for 9.2 and as far as I know, there are no UI/UX changes related to this.
@yctercero what do you think?
Regarding this:

There will be a bunch of UI/UX changes that I'm sure they're already working with docs on.

We will track it in a separated issue for future releases.

[yctercero]

Correct! This is using the same feature flag as defend workflows so it will go in whenever the rest of the work does.

@natasha-moore-elastic for now, Defend Workflows has pushed this work to 9.3. The part that this doc is for is in main but will not be turned on for 9.2.