diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml
index 6fb646a7c0dd..9e32a13f42a3 100644
--- a/.generator/schemas/v2/openapi.yaml
+++ b/.generator/schemas/v2/openapi.yaml
@@ -85404,6 +85404,14 @@ paths:
       parameters:
       - $ref: '#/components/parameters/PageSize'
       - $ref: '#/components/parameters/PageNumber'
+      - description: A search query to filter security rules. You can filter by attributes
+          such as `type`, `source`, `tags`.
+        example: type:signal_correlation source:cloudtrail
+        in: query
+        name: query
+        required: false
+        schema:
+          type: string
       responses:
         '200':
           content:
diff --git a/private/bdd_runner/src/support/scenarios_model_mapping.ts b/private/bdd_runner/src/support/scenarios_model_mapping.ts
index beee9ab387f3..b702d73cbaa0 100644
--- a/private/bdd_runner/src/support/scenarios_model_mapping.ts
+++ b/private/bdd_runner/src/support/scenarios_model_mapping.ts
@@ -4500,6 +4500,10 @@ export const ScenariosModelMappings: { [key: string]: OperationMapping } = {
       type: "number",
       format: "int64",
     },
+    query: {
+      type: "string",
+      format: "",
+    },
     operationResponseType: "SecurityMonitoringListRulesResponse",
   },
   "SecurityMonitoringApi.V2.CreateSecurityMonitoringRule": {
diff --git a/services/security_monitoring/src/v2/SecurityMonitoringApi.ts b/services/security_monitoring/src/v2/SecurityMonitoringApi.ts
index a77e2e7e7993..eca04611263b 100644
--- a/services/security_monitoring/src/v2/SecurityMonitoringApi.ts
+++ b/services/security_monitoring/src/v2/SecurityMonitoringApi.ts
@@ -3217,6 +3217,7 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory {
   public async listSecurityMonitoringRules(
     pageSize?: number,
     pageNumber?: number,
+    query?: string,
     _options?: Configuration,
   ): Promise<RequestContext> {
     const _config = _options || this.configuration;
@@ -3257,6 +3258,13 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory {
         "",
       );
     }
+    if (query !== undefined) {
+      requestContext.setQueryParam(
+        "query",
+        serialize(query, TypingInfo, "string", ""),
+        "",
+      );
+    }
 
     // Apply auth methods
     applySecurityAuthentication(_config, requestContext, [
@@ -10158,6 +10166,11 @@ export interface SecurityMonitoringApiListSecurityMonitoringRulesRequest {
    * @type number
    */
   pageNumber?: number;
+  /**
+   * A search query to filter security rules. You can filter by attributes such as `type`, `source`, `tags`.
+   * @type string
+   */
+  query?: string;
 }
 
 export interface SecurityMonitoringApiListSecurityMonitoringSignalsRequest {
@@ -12163,6 +12176,7 @@ export class SecurityMonitoringApi {
       this.requestFactory.listSecurityMonitoringRules(
         param.pageSize,
         param.pageNumber,
+        param.query,
         options,
       );
     return requestContextPromise.then((requestContext) => {