diff --git a/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md b/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md
index 0c5bd2c025d8..170a1b6290c8 100644
--- a/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md
+++ b/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md
@@ -9,8 +9,8 @@
 
 This is a test plan for the workflows of:
 
-- exporting single prebuilt rules from the Rule Details page
-- exporting single prebuilt rules one-by-one from the Rule Management page
+- exporting a single prebuilt rule from the Rule Details page
+- exporting a single prebuilt rule from the Rule Management page
 - exporting multiple prebuilt rules in bulk from the Rule Management page
 - exporting a mixture of prebuilt and custom rules from the Rule Management page
 
@@ -33,20 +33,15 @@ https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one
   - [Assumptions](#assumptions)
   - [Technical requirements](#technical-requirements)
   - [Product requirements](#product-requirements)
+  - [Licensing](#licensing)
 - [Scenarios](#scenarios)
   - [Core Functionality](#core-functionality)
-    - [Scenario: Exporting prebuilt rule individually from rule details page](#scenario-exporting-prebuilt-rule-individually-from-rule-details-page)
-    - [Scenario: Exporting custom rule individually from rule details page](#scenario-exporting-custom-rule-individually-from-rule-details-page)
-    - [Scenario: Exporting prebuilt rule individually from rules management table](#scenario-exporting-prebuilt-rule-individually-from-rules-management-table)
-    - [Scenario: Exporting custom rule individually from rules management table](#scenario-exporting-custom-rule-individually-from-rules-management-table)
-    - [Scenario: Exporting prebuilt rules in bulk](#scenario-exporting-prebuilt-rules-in-bulk)
-    - [Scenario: Exporting custom rules in bulk](#scenario-exporting-custom-rules-in-bulk)
-    - [Scenario: Exporting both prebuilt and custom rules in bulk](#scenario-exporting-both-prebuilt-and-custom-rules-in-bulk)
+    - [**Scenario: Exporting a prebuilt rule from rule details page**](#scenario-exporting-a-prebuilt-rule-from-rule-details-page)
+    - [**Scenario: Exporting a prebuilt rule from rules management table**](#scenario-exporting-a-prebuilt-rule-from-rules-management-table)
+    - [**Scenario: Exporting multiple prebuilt rules in bulk**](#scenario-exporting-multiple-prebuilt-rules-in-bulk)
+    - [**Scenario: Exporting a mix of prebuilt and custom rules in bulk**](#scenario-exporting-a-mix-of-prebuilt-and-custom-rules-in-bulk)
   - [Error Handling](#error-handling)
-    - [Scenario: Exporting beyond the export limit](#scenario-exporting-beyond-the-export-limit)
-  - [Licensing](#licensing)
-    - [Scenario: Exporting a mixture of prebuilt and custom rules via export API under insufficient license\*\*](#scenario-exporting-a-mixture-of-prebuilt-and-custom-rules-via-export-api-under-insufficient-license)
-    - [Scenario: Exporting a mixture of prebuilt and custom rules via bulk action under insufficient license\*\*](#scenario-exporting-a-mixture-of-prebuilt-and-custom-rules-via-bulk-action-under-insufficient-license)
+    - [**Scenario: Exporting beyond the export limit**](#scenario-exporting-beyond-the-export-limit)
 
 ## Useful information
 
@@ -70,6 +65,7 @@ https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one
 Assumptions about test environments and scenarios outlined in this test plan.
 
 - [Common assumptions](./prebuilt_rules_common_info.md#common-assumptions).
+- Prebuilt rules export works for any rule type
 
 ### Technical requirements
 
@@ -92,149 +88,101 @@ User stories:
 - User can export prebuilt customized rules.
 - User can export any combination of prebuilt non-customized, prebuilt customized, and custom rules.
 
+### Licensing
+
+Prebuilt rules export test scenarios are expected to work under low-tier licenses where Prebuilt Rules Customization isn't allowed.
+
 ## Scenarios
 
 ### Core Functionality
 
-#### Scenario: Exporting prebuilt rule individually from rule details page
+#### **Scenario: Exporting a prebuilt rule from rule details page**
 
 **Automation**: 2 cypress tests.
 
 ```Gherkin
-Given a space with a <rule_type> rule installed
-When the user selects "Export rule" from the "All actions" dropdown on the rule's detail page
+Given a <customized_state> prebuilt rule
+When user exports the rule from the rule's detail page
 Then the rule should be exported as an NDJSON file
-And it should include an "immutable" field with a value of true
-And its "ruleSource" "type" should be "external"
-And its "ruleSource" "isCustomized" value should be <is_customized>
-
-Examples:
-| rule_type               | is_customized |
-| prebuilt customized     | true          |
-| prebuilt non-customized | false         |
+And it should include an "immutable" field having true value
+And "rule_source.type" should be "external"
+And "rule_source.is_customized" should be <is_customized>
+And the exported payload should match the rule's parameters
 ```
 
-#### Scenario: Exporting custom rule individually from rule details page
+**Examples:**
 
-**Automation**: 1 cypress test.
+| `<customized_state>` | `<is_customized>` |
+| -------------------- | ----------------- |
+| customized           | true              |
+| non-customized       | false             |
 
-```Gherkin
-Given a space with a custom rule installed
-When the user selects "Export rule" from the "All actions" dropdown on the rule's detail page
-Then the rule should be exported as an NDJSON file
-And it should include an "immutable" field with a value of false
-And its "ruleSource" "type" should be "internal"
-```
-
-#### Scenario: Exporting prebuilt rule individually from rules management table
+#### **Scenario: Exporting a prebuilt rule from rules management table**
 
 **Automation**: 2 cypress tests.
 
 ```Gherkin
-Given a space with a <rule_type> rule installed
-When the user selects "Export rule" from the rule's overflow dropdown on the rules management page
+Given a <customized_state> prebuilt rule
+When user export the rule via rule management table row actions
 Then the rule should be exported as an NDJSON file
-And it should include an "immutable" field with a value of true
-And its "ruleSource" "type" should be "external"
-And its "ruleSource" "isCustomized" value should be <is_customized>
-
-Examples:
-| rule_type               | is_customized |
-| prebuilt customized     | true          |
-| prebuilt non-customized | false         |
+And it should include an "immutable" field having true value
+And "rule_source.type" should be "external"
+And "rule_source.is_customized" should be <is_customized>
+And the exported payload should match the rule's parameters
 ```
 
-#### Scenario: Exporting custom rule individually from rules management table
+**Examples:**
 
-**Automation**: 1 cypress test.
+| `<customized_state>` | `<is_customized>` |
+| -------------------- | ----------------- |
+| customized           | true              |
+| non-customized       | false             |
 
-```Gherkin
-Given a space with a custom rule installed
-When the user selects "Export rule" from the rule's overflow dropdown on the rules management page
-Then the rule should be exported as an NDJSON file
-And it should include an "immutable" field with a value of false
-And its "ruleSource" "type" should be "internal"
-```
-
-#### Scenario: Exporting prebuilt rules in bulk
+#### **Scenario: Exporting multiple prebuilt rules in bulk**
 
 **Automation**: 2 cypress tests.
 
 ```Gherkin
-Given a space with multiple <rule_type> rules installed
-When the user selects rules in the rules table
-And chooses "Export" from bulk actions
+Given multiple <customized_state> prebuilt rules
+When user selects some prebuilt rules in the rule management table
+And bulk exports them
 Then the selected rules should be exported as an NDJSON file
-And they should include an "immutable" field with a value of true
-And their "ruleSource" "type" should be "external"
-And their "ruleSource" "isCustomized" should depend be <is_customized>
-
-Examples:
-| rule_type               | is_customized |
-| prebuilt customized     | true          |
-| prebuilt non-customized | false         |
+And each exported rule should include an "immutable" field having true value
+And each exported rule should have "rule_source.type" equal to "external"
+And each exported rule should have "rule_source.is_customized" equal to <is_customized>
+And each exported rule should match the corresponding rule's parameters
 ```
 
-#### Scenario: Exporting custom rules in bulk
+**Examples:**
+
+| `<customized_state>` | `<is_customized>` |
+| -------------------- | ----------------- |
+| customized           | true              |
+| non-customized       | false             |
+
+#### **Scenario: Exporting a mix of prebuilt and custom rules in bulk**
 
 **Automation**: 1 cypress test.
 
 ```Gherkin
-Given a space with multiple custom rules installed
-When the user selects rules in the rules table
-And chooses "Export" from bulk actions
+Given a mix of customized prebuilt, non-customized prebuilt and custom rules
+When user selects some rules of each type in the rule management table
+And bulk exports them
 Then the selected rules should be exported as an NDJSON file
-And they should include an "immutable" field with a value of false
-And their "ruleSource" "type" should be "internal"
-```
-
-#### Scenario: Exporting both prebuilt and custom rules in bulk
-
-**Automation**: 1 cypress test.
-
-```Gherkin
-Given a space with customized prebuilt, non-customized prebuilt and custom rules installed
-When the user selects rules from each type in the rules table
-And chooses "Export" from bulk actions
-Then the selected rules should be exported as an NDJSON file
-And the prebuilt rules should include an "immutable" field with a value of true
-And the custom rules should include an "immutable" field with a value of false
-And the prebuilt rules' "ruleSource" "type" should be "external"
-And the custom rules' "ruleSource" "type" should be "internal"
-And the customized prebuilt rules' "isCustomized" value should be true
+And the exported prebuilt rules should include an "immutable" field having true value
+And the exported prebuilt rules "rule_source.type" should be "external"
+And the exported non-customized prebuilt rules "rule_source.is_customized" should be false
+And the exported customized prebuilt rules "rule_source.is_customized" should be true
+And the exported custom rules should include an "immutable" field having false value
+And the exported custom rules "rule_source.type" should be "internal"
 ```
 
 ### Error Handling
 
-#### Scenario: Exporting beyond the export limit
+#### **Scenario: Exporting beyond the export limit**
 
 ```Gherkin
-Given a space with prebuilt and custom rules installed
+Given prebuilt and custom rules
 And the number of rules is greater than the export limit (defaults to 10_000)
 Then the request should be rejected as a bad request
 ```
-
-### Licensing
-
-#### Scenario: Exporting a mixture of prebuilt and custom rules via export API under insufficient license**
-
-**Automation**: 1 API integration test.
-
-```Gherkin
-Given a Kibana instance running under an insufficient license
-And a space with prebuilt customized, prebuilt non-customized and custom rules installed
-When the user exports all rules via the export API
-Then all rules should be successfully exported as an NDJSON file
-```
-
-#### Scenario: Exporting a mixture of prebuilt and custom rules via bulk action under insufficient license**
-
-**Automation**: 1 API integration test, 1 e2e test.
-
-```Gherkin
-Given a Kibana instance running under an insufficient license
-And a space with prebuilt customized, prebuilt non-customized and custom rules installed
-When the user selects rules of each type in the rules table
-And chooses "Export" from bulk actions
-Then all selected rules should be successfully exported as an NDJSON file
-```
\ No newline at end of file
diff --git a/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/rule_management/rule_export.md b/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/rule_management/rule_export.md
new file mode 100644
index 000000000000..dced7fddfde0
--- /dev/null
+++ b/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/rule_management/rule_export.md
@@ -0,0 +1,73 @@
+# Test plan: exporting rules <!-- omit from toc -->
+
+**Status**: `in progress`.
+
+## Summary <!-- omit from toc -->
+
+This a draft test plan containing exporting custom rules test scenarios moved from prebuilt rules export test plan.
+
+## Table of contents <!-- omit from toc -->
+
+<!--
+Please use the "Markdown All in One" VS Code extension to keep the TOC in sync with the text:
+https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one
+-->
+
+- [Useful information](#useful-information)
+  - [Assumptions](#assumptions)
+- [Scenarios](#scenarios)
+  - [Core Functionality](#core-functionality)
+    - [**Scenario: Exporting custom rule individually from rule details page**](#scenario-exporting-custom-rule-individually-from-rule-details-page)
+    - [**Scenario: Exporting custom rule individually from rules management table**](#scenario-exporting-custom-rule-individually-from-rules-management-table)
+    - [**Scenario: Exporting custom rules in bulk**](#scenario-exporting-custom-rules-in-bulk)
+
+## Useful information
+
+### Assumptions
+
+- Rules export works for any rule type
+
+TBD
+
+## Scenarios
+
+### Core Functionality
+
+#### **Scenario: Exporting custom rule individually from rule details page**
+
+**Automation**: 1 cypress test.
+
+```Gherkin
+Given a custom rule
+When the user exports the rule from the rule's detail page
+Then the rule should be exported as an NDJSON file
+And the exported rule should have "immutable" field with a value of false
+And the exported rule should have "rule_source" field with "type" field set to "internal"
+And the exported rule's parameters should match to the source rule
+```
+
+#### **Scenario: Exporting custom rule individually from rules management table**
+
+**Automation**: 1 cypress test.
+
+```Gherkin
+Given a custom rule
+When the user exports the rule from the rules management page
+Then the rule should be exported as an NDJSON file
+And the exported rule should have "immutable" field with a value of false
+And the exported rule should have "rule_source" field with "type" field set to "internal"
+And the exported rule's parameters should match to the source rule
+```
+
+#### **Scenario: Exporting custom rules in bulk**
+
+**Automation**: 1 cypress test.
+
+```Gherkin
+Given multiple custom rules
+When the user exports multiple rules in bulk from the rules management page
+Then the selected rules should be exported as an NDJSON file
+And each exported rule should have "immutable" field with a value of false
+And each exported rule should have "rule_source" field with "type" field set to "internal"
+And each exported rule's parameters should match to the source rule
+```