From 5d88443c4cc31192e4622f75eafe81032ebf71cb Mon Sep 17 00:00:00 2001
From: Kenneth Kreindler <kenneth.kreindler@elastic.co>
Date: Thu, 22 May 2025 14:03:24 +0200
Subject: [PATCH 1/3] Security labs content package spec

---
 spec/content/kibana/spec.yml                  |  9 +++++++
 .../good_content-security_labs_content_1.json | 24 +++++++++++++++++++
 2 files changed, 33 insertions(+)
 create mode 100644 test/packages/good_content/kibana/security_labs_content/good_content-security_labs_content_1.json

diff --git a/spec/content/kibana/spec.yml b/spec/content/kibana/spec.yml
index baa2be6c..99a953b3 100644
--- a/spec/content/kibana/spec.yml
+++ b/spec/content/kibana/spec.yml
@@ -38,6 +38,15 @@ spec:
         type: file
         contentMediaType: "application/json"
         pattern: '^{PACKAGE_NAME}-.+\.json$'
+  - description: Folder containing security Security Labs assets
+    type: folder
+    name: "security_labs_content"
+    required: false
+    contents:
+      - description: A Security Labs asset
+        type: file
+        contentMediaType: "application/json"
+        pattern: '^{PACKAGE_NAME}-.+\.json$'
   - description: Folder containing rules
     type: folder
     name: "security_rule"
diff --git a/test/packages/good_content/kibana/security_labs_content/good_content-security_labs_content_1.json b/test/packages/good_content/kibana/security_labs_content/good_content-security_labs_content_1.json
new file mode 100644
index 00000000..d437654e
--- /dev/null
+++ b/test/packages/good_content/kibana/security_labs_content/good_content-security_labs_content_1.json
@@ -0,0 +1,24 @@
+{
+  "attributes": {
+    "raw": {
+      "document": "---\ntitle: \"2022 Elastic Global Threat Report Announcement\"\nslug: \"2022-elastic-global-threat-report-announcement\"\ndate: \"2022-11-30\"\ndescription: \"Discover our latest findings & strategic recommendations to better stay informed of potential directions threat actors may focus on.\"\nauthor:\n  - slug: devon-kerr\nimage: \"gtr-blog-image-720x420.jpg\"\ncategory:\n  - slug: reports\n---\n\nToday Elastic Security Labs celebrates another milestone: launching the [2022 Elastic Global Threat Report](https://www.elastic.co/explore/security-without-limits/global-threat-report), our inaugural summary of threat trends, forecasts, and recommendations. We analyzed millions of telemetry events from sources around the world to share these insights with you; all part of our continued commitment to transparency, and our mission to protect the world's data.\n\nYou can find the report [here](https://www.elastic.co/explore/security-without-limits/global-threat-report), we're excited to share it with you.\n"
+    },
+    "title": "2022 Elastic Global Threat Report Announcement",
+    "slug": "2022-elastic-global-threat-report-announcement",
+    "date": "2022-11-30",
+    "description": "Discover our latest findings & strategic recommendations to better stay informed of potential directions threat actors may focus on.",
+    "author": [
+      {
+        "slug": "devon-kerr"
+      }
+    ],
+    "image": "gtr-blog-image-720x420.jpg",
+    "category": [
+      {
+        "slug": "reports"
+      }
+    ]
+  },
+  "id": "security_labs_content-2022_elastic_global_threat_report_announcement-md",
+  "type": "security_labs_content"
+}

From 9e1fb997d2cb627bca627b2158f6f09dbd0d16b4 Mon Sep 17 00:00:00 2001
From: Kenneth Kreindler <kenneth.kreindler@elastic.co>
Date: Thu, 22 May 2025 14:08:40 +0200
Subject: [PATCH 2/3] changelog

---
 spec/changelog.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/spec/changelog.yml b/spec/changelog.yml
index 7935583a..2f40991b 100644
--- a/spec/changelog.yml
+++ b/spec/changelog.yml
@@ -13,6 +13,9 @@
     - description: Add kibana/security_ai_prompt to support security AI prompt assets.
       type: enhancement
       link: https://github.com/elastic/package-spec/pull/871
+    - description: Add kibana/security_labs_content to support Security Labs assets.
+      type: enhancement
+      link: https://github.com/elastic/package-spec/pull/871
 - version: 3.3.6-next
   changes:
     - description: Add support for _dev/shared folder.

From a2110b9d81de94b5f09bb5fb795a3835e327f813 Mon Sep 17 00:00:00 2001
From: Kenneth Kreindler <kenneth.kreindler@elastic.co>
Date: Thu, 22 May 2025 14:30:38 +0200
Subject: [PATCH 3/3] test

---
 .../good_content-security_labs_content_1.json                   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/packages/good_content/kibana/security_labs_content/good_content-security_labs_content_1.json b/test/packages/good_content/kibana/security_labs_content/good_content-security_labs_content_1.json
index d437654e..03dfbf87 100644
--- a/test/packages/good_content/kibana/security_labs_content/good_content-security_labs_content_1.json
+++ b/test/packages/good_content/kibana/security_labs_content/good_content-security_labs_content_1.json
@@ -19,6 +19,6 @@
       }
     ]
   },
-  "id": "security_labs_content-2022_elastic_global_threat_report_announcement-md",
+  "id": "good_content-security_labs_content_1",
   "type": "security_labs_content"
 }