diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/policy/index.ts b/x-pack/plugins/security_solution/server/endpoint/routes/policy/index.ts
index b233ff1af30fc4..5993b0b0e752e5 100644
--- a/x-pack/plugins/security_solution/server/endpoint/routes/policy/index.ts
+++ b/x-pack/plugins/security_solution/server/endpoint/routes/policy/index.ts
@@ -11,6 +11,8 @@ import { getHostPolicyResponseHandler } from './handlers';
 
 export const BASE_POLICY_RESPONSE_ROUTE = `/api/endpoint/policy_response`;
 
+export const INITIAL_POLICY_ID = '00000000-0000-0000-0000-000000000000';
+
 export function registerPolicyRoutes(router: IRouter, endpointAppContext: EndpointAppContext) {
   router.get(
     {
diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/policy/service.ts b/x-pack/plugins/security_solution/server/endpoint/routes/policy/service.ts
index 1686582b8b59b6..1b3d232f9421c9 100644
--- a/x-pack/plugins/security_solution/server/endpoint/routes/policy/service.ts
+++ b/x-pack/plugins/security_solution/server/endpoint/routes/policy/service.ts
@@ -7,6 +7,7 @@
 import { SearchResponse } from 'elasticsearch';
 import { ILegacyScopedClusterClient } from 'kibana/server';
 import { GetHostPolicyResponse, HostPolicyResponse } from '../../../../common/endpoint/types';
+import { INITIAL_POLICY_ID } from './index';
 
 export function getESQueryPolicyResponseByHostID(hostID: string, index: string) {
   return {
@@ -20,7 +21,7 @@ export function getESQueryPolicyResponseByHostID(hostID: string, index: string)
           },
           must_not: {
             term: {
-              'Endpoint.policy.applied.name': 'initial',
+              'Endpoint.policy.applied.id': INITIAL_POLICY_ID,
             },
           },
         },