diff --git a/x-pack/plugins/security_solution/common/endpoint/data_loaders/index_fleet_actions.ts b/x-pack/plugins/security_solution/common/endpoint/data_loaders/index_fleet_actions.ts
index 34f57c0604fac..47448be2e0a92 100644
--- a/x-pack/plugins/security_solution/common/endpoint/data_loaders/index_fleet_actions.ts
+++ b/x-pack/plugins/security_solution/common/endpoint/data_loaders/index_fleet_actions.ts
@@ -66,10 +66,11 @@ export const indexFleetActionsForHost = async (
 const actionResponse = fleetActionGenerator.generateResponse({
 action_id: action.action_id,
 agent_id: agentId,
- action_data: {
- ...action.data,
- // add ack to 4/5th of fleet response
- ack: fleetActionGenerator.randomFloat() < 0.8 ? true : undefined,
+ action_response: {
+ endpoint: {
+ // add ack to 4/5th of fleet response
+ ack: fleetActionGenerator.randomFloat() < 0.8 ? true : undefined,
+ },
 },
 });

diff --git a/x-pack/plugins/security_solution/common/endpoint/types/actions.ts b/x-pack/plugins/security_solution/common/endpoint/types/actions.ts
index d7ad417fc7d3f..2ac4c9e772ded 100644
--- a/x-pack/plugins/security_solution/common/endpoint/types/actions.ts
+++ b/x-pack/plugins/security_solution/common/endpoint/types/actions.ts
@@ -64,7 +64,12 @@ export interface LogsEndpointActionResponse {
 export interface EndpointActionData {
 command: ISOLATION_ACTIONS;
 comment?: string;
- ack?: boolean;
+}
+
+export interface FleetActionResponseData {
+ endpoint?: {
+ ack?: boolean;
+ };
 }

 export interface EndpointAction {
@@ -93,6 +98,8 @@ export interface EndpointActionResponse {
 completed_at: string;
 error?: string;
 action_data: EndpointActionData;
+ /* Response data from the Endpoint process -- only present in 7.16+ */
+ action_response?: FleetActionResponseData;
 }

 export interface EndpointActivityLogAction {
diff --git a/x-pack/plugins/security_solution/server/endpoint/services/actions.ts b/x-pack/plugins/security_solution/server/endpoint/services/actions.ts
index 87455e6c578bc..6b44b7b3ce87a 100644
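Review bot: The `generateResponse` call in `index_fleet_actions.ts` no longer passes `action_data`, so the generated response stops mirroring the originating action's `data` and depends on whatever the generator fills in by default. The generator is not visible in this diff, but if that default is random, seeded responses can carry a command that differs from the action they answer. Keeping `action_data: action.data,` next to the new `action_response` block would keep each action/response pair consistent. Note also that the loader only ever emits `ack: true` or no `ack`, so an explicit `ack: false` response is never seeded. `indexFleetActionsForHost` starts and ends outside the hunk.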
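Review bot: The new exported `FleetActionResponseData` in `types/actions.ts` has no doc comment, and the comment added on `action_response` in the second hunk (`-93,6`) opens with `/*`, which editors and doc tooling do not pick up as TSDoc. Readers of the type need to know that `action_response`, `endpoint` and `ack` can each be missing, so I would add `/** Response data added by the Endpoint process to a Fleet action response. endpoint.ack is optional and may be absent. */` above the interface. On the field, change the opener to `/**` and keep the existing wording. `EndpointActionResponse` starts outside its hunk.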
--- a/x-pack/plugins/security_solution/server/endpoint/services/actions.ts
+++ b/x-pack/plugins/security_solution/server/endpoint/services/actions.ts
@@ -148,7 +148,7 @@ const getActivityLog = async ({
 };

 const hasAckInResponse = (response: EndpointActionResponse): boolean => {
- return typeof response.action_data.ack !== 'undefined';
+ return response.action_response?.endpoint?.ack ?? false;
 };

 // return TRUE if for given action_id/agent_id
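Review bot: `hasAckInResponse` now answers "is `ack` true" rather than "is an `ack` field present", and it no longer reads `action_data.ack`, so any response document already stored with the flag in the old location is treated as not acknowledged. Whether such documents exist in deployed indices cannot be told from this diff. If they can, the action state that callers derive from this helper (not visible here) may change after upgrade, and the old shape should either be read as a fallback or be stated never to have shipped. Either way, a comment above the function should record the contract: `// true only when the Endpoint set action_response.endpoint.ack; a missing action_response (Endpoint before 7.16) or ack: false both count as no ack`. The function is fully inside the hunk; the comment that follows it continues outside.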