diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 09f8a96730c..70530e850b8 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -215,3 +215,4 @@
 /packages/gcp_metrics @elastic/obs-cloud-monitoring
 /packages/airflow @elastic/obs-service-integrations
 /packages/statsd_input @elastic/obs-service-integrations
+/packages/host_risk_score @elastic/ml-ui @elastic/sec-applied-ml
diff --git a/packages/host_risk_score/LICENSE.txt b/packages/host_risk_score/LICENSE.txt
new file mode 100644
index 00000000000..92503a72178
--- /dev/null
+++ b/packages/host_risk_score/LICENSE.txt
@@ -0,0 +1,93 @@
+Elastic License 2.0
+
+URL: https://www.elastic.co/licensing/elastic-license
+
+## Acceptance
+
+By using the software, you agree to all of the terms and conditions below.
+
+## Copyright License
+
+The licensor grants you a non-exclusive, royalty-free, worldwide,
+non-sublicensable, non-transferable license to use, copy, distribute, make
+available, and prepare derivative works of the software, in each case subject to
+the limitations and conditions below.
+
+## Limitations
+
+You may not provide the software to third parties as a hosted or managed
+service, where the service provides users with access to any substantial set of
+the features or functionality of the software.
+
+You may not move, change, disable, or circumvent the license key functionality
+in the software, and you may not remove or obscure any functionality in the
+software that is protected by the license key.
+
+You may not alter, remove, or obscure any licensing, copyright, or other notices
+of the licensor in the software. Any use of the licensor’s trademarks is subject
+to applicable law.
+
+## Patents
+
+The licensor grants you a license, under any patent claims the licensor can
+license, or becomes able to license, to make, have made, use, sell, offer for
+sale, import and have imported the software, in each case subject to the
+limitations and conditions in this license. This license does not cover any
+patent claims that you cause to be infringed by modifications or additions to
+the software. If you or your company make any written claim that the software
+infringes or contributes to infringement of any patent, your patent license for
+the software granted under these terms ends immediately. If your company makes
+such a claim, your patent license ends immediately for work on behalf of your
+company.
+
+## Notices
+
+You must ensure that anyone who gets a copy of any part of the software from you
+also gets a copy of these terms.
+
+If you modify the software, you must include in any modified copies of the
+software prominent notices stating that you have modified the software.
+
+## No Other Rights
+
+These terms do not imply any licenses other than those expressly granted in
+these terms.
+
+## Termination
+
+If you use the software in violation of these terms, such use is not licensed,
+and your licenses will automatically terminate. If the licensor provides you
+with a notice of your violation, and you cease all violation of this license no
+later than 30 days after you receive that notice, your licenses will be
+reinstated retroactively. However, if you violate these terms after such
+reinstatement, any additional violation of these terms will cause your licenses
+to terminate automatically and permanently.
+
+## No Liability
+
+*As far as the law allows, the software comes as is, without any warranty or
+condition, and the licensor will not be liable to you for any damages arising
+out of these terms or the use or nature of the software, under any kind of
+legal claim.*
+
+## Definitions
+
+The **licensor** is the entity offering these terms, and the **software** is the
+software the licensor makes available under these terms, including any portion
+of it.
+
+**you** refers to the individual or entity agreeing to these terms.
+
+**your company** is any legal entity, sole proprietorship, or other kind of
+organization that you work for, plus all organizations that have control over,
+are under the control of, or are under common control with that
+organization. **control** means ownership of substantially all the assets of an
+entity, or the power to direct its management and policies by vote, contract, or
+otherwise. Control can be direct or indirect.
+
+**your licenses** are all the licenses granted to you for the software under
+these terms.
+
+**use** means anything you do with the software requiring one of your licenses.
+
+**trademark** means trademarks, service marks, and similar rights.
\ No newline at end of file
diff --git a/packages/host_risk_score/_dev/build/build.yml b/packages/host_risk_score/_dev/build/build.yml
new file mode 100644
index 00000000000..60efcdf2982
--- /dev/null
+++ b/packages/host_risk_score/_dev/build/build.yml
@@ -0,0 +1,3 @@
+dependencies:
+  ecs:
+    reference: git@v8.6.0-rc1
diff --git a/packages/host_risk_score/changelog.yml b/packages/host_risk_score/changelog.yml
new file mode 100644
index 00000000000..8253a5309da
--- /dev/null
+++ b/packages/host_risk_score/changelog.yml
@@ -0,0 +1,5 @@
+- version: "0.1.0"
+  changes:
+    - description: Initial package
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/4019
diff --git a/packages/host_risk_score/docs/README.md b/packages/host_risk_score/docs/README.md
new file mode 100644
index 00000000000..54578fd4b1f
--- /dev/null
+++ b/packages/host_risk_score/docs/README.md
@@ -0,0 +1,32 @@
+# Host Risk Score
+
+The host risk score feature highlights risky hosts from within your environment. It utilizes a transform with a scripted metric aggregation to calculate host risk scores based on alerts that were generated within the past five days. The transform runs hourly to update the score as new alerts are generated.
+
+Each rule’s contribution to the host risk score is based on the rule’s risk score (`signal.rule.risk_score`) and a time decay factor to reduce the impact of stale alerts. The risk score is calculated using a weighted sum where rules with higher time-corrected risk scores also have higher weights. Each host risk score is normalized to a scale of 0 to 100.
+
+Specific host attributes can boost the final risk score. For example, alert activity on a server poses a greater risk than that on a laptop. Therefore, the host risk score is 1.5 times higher if the host is a server. This boosted score is finalized after calculating the weighted sum of the time-corrected risks.
+
+## Installation
+
+You can install the Host Risk Score package via **Management > Integrations > Host Risk Score**.
+
+To inspect the installed assets, you can navigate to **Stack Management > Data > Transforms**.
+
+Namely, the following transforms are installed with the Host Risk Score package:
+
+| Transform name | Purpose | Source index | Destination index |
+|---|---|---|---|
+| host_risk_score.pivot_transform | Calculates the Host risk score | `.alerts-security.alerts-default` | `.alerts-security.host-risk-score-[version]` |
+| host_risk_score.latest_transform | Surfaces the latest 5 days of the pivot transform results | `.alerts-security.host-risk-score.latest` | `.alerts-security.host-risk-score-latest-[version]` |
+
+![Installation step screenshot](../img/sample-screenshot.png)
+
+Note: This package assumes that `.alerts-security.alerts-default` exists on the cluster, which is generally true. However, in cases such as a brand-new cluster, the `.alerts-security.alerts-default` will not exist yet until the very first alert is triggered on the cluster. One solution would be to create a rule that would trigger an alert, and thus ensure the index exists.
+
+## Additional information
+
+This package is an alternate way to the [Host Risk Score](https://www.elastic.co/guide/en/security/current/host-risk-score.html) Elastic assets (transforms, ingest pipeline) that were originally installed via the _Security App's_ Entity Analytics dashboard.
+
+The notable differences is that this Integration package:
+* Only supports the default space, while [the _Security App_](https://www.elastic.co/guide/en/security/current/host-risk-score.html) supports other spaces.
+* The Host Risk features in the _Security App_ aren't currently backed by the data coming from this Integration package.
diff --git a/packages/host_risk_score/elasticsearch/ingest_pipeline/ml_hostriskscore_ingest_pipeline.yml b/packages/host_risk_score/elasticsearch/ingest_pipeline/ml_hostriskscore_ingest_pipeline.yml
new file mode 100644
index 00000000000..ea9d7300fac
--- /dev/null
+++ b/packages/host_risk_score/elasticsearch/ingest_pipeline/ml_hostriskscore_ingest_pipeline.yml
@@ -0,0 +1,30 @@
+---
+processors:
+  - set:
+      field: ingest_timestamp
+      copy_from: _ingest.timestamp
+  - fingerprint:
+      fields:
+        - '@timestamp'
+        - _id
+      method: SHA-256
+      target_field: _id
+  - script:
+      lang: painless
+      source: |-
+        double risk_score = (def)ctx['host']['risk']['calculated_score_norm'];
+        if (risk_score < 20) {
+          ctx['host']['risk']['calculated_level'] = 'Unknown'
+        }
+        else if (risk_score >= 20 && risk_score < 40) {
+          ctx['host']['risk']['calculated_level'] = 'Low'
+        }
+        else if (risk_score >= 40 && risk_score < 70) {
+          ctx['host']['risk']['calculated_level'] = 'Moderate'
+        }
+        else if (risk_score >= 70 && risk_score < 90) {
+          ctx['host']['risk']['calculated_level'] = 'High'
+        }
+        else if (risk_score >= 90) {
+          ctx['host']['risk']['calculated_level'] = 'Critical'
+        }
diff --git a/packages/host_risk_score/elasticsearch/transform/latest_transform/fields/fields.yml b/packages/host_risk_score/elasticsearch/transform/latest_transform/fields/fields.yml
new file mode 100644
index 00000000000..0c0ebc44fed
--- /dev/null
+++ b/packages/host_risk_score/elasticsearch/transform/latest_transform/fields/fields.yml
@@ -0,0 +1,23 @@
+- name: host.name
+  external: ecs
+- name: host.risk.calculated_score_norm
+  external: ecs
+- name: host.risk.calculated_level
+  external: ecs
+- name: host.risk.multipliers
+  type: keyword
+- name: host.risk.rule_risks.rule_name
+  type: text
+  multi_fields:
+    - name: 'keyword'
+      type: keyword
+- name: host.risk.rule_risks.rule_risk
+  type: float
+- name: host.risk.rule_risks.rule_id
+  type: keyword
+- name: 'ingest_timestamp'
+  type: date
+- name: '@timestamp'
+  type: date
+
+# Via https://github.com/elastic/kibana/blob/main/x-pack/plugins/security_solution/common/utils/risk_score_modules.ts#L319-L366
diff --git a/packages/host_risk_score/elasticsearch/transform/latest_transform/transform.yml b/packages/host_risk_score/elasticsearch/transform/latest_transform/transform.yml
new file mode 100644
index 00000000000..2a30e17664a
--- /dev/null
+++ b/packages/host_risk_score/elasticsearch/transform/latest_transform/transform.yml
@@ -0,0 +1,18 @@
+dest:
+  index: ".alerts-security.host-risk-score-latest"
+description: This transform gets the latest risk information about hosts in the default Kibana space
+frequency: 1h
+latest:
+  sort: "@timestamp"
+  unique_key:
+    - "host.name"
+source:
+  index:
+    - ".alerts-security.host-risk-score.latest"
+sync:
+  time:
+    delay: 2s
+    field: "ingest_timestamp"
+_meta:
+  fleet_transform_version: 0.1.0
+  order: 2
diff --git a/packages/host_risk_score/elasticsearch/transform/pivot_transform/fields/fields.yml b/packages/host_risk_score/elasticsearch/transform/pivot_transform/fields/fields.yml
new file mode 100644
index 00000000000..5c758f87917
--- /dev/null
+++ b/packages/host_risk_score/elasticsearch/transform/pivot_transform/fields/fields.yml
@@ -0,0 +1,26 @@
+- name: host.name
+  external: ecs
+- name: host.risk.calculated_score_norm
+- name: host.name
+  external: ecs
+- name: host.risk.calculated_score_norm
+  external: ecs
+- name: host.risk.calculated_level
+  external: ecs
+- name: host.risk.multipliers
+  type: keyword
+- name: host.risk.rule_risks.rule_name
+  type: text
+  multi_fields:
+    - name: 'keyword'
+      type: keyword
+- name: host.risk.rule_risks.rule_risk
+  type: float
+- name: host.risk.rule_risks.rule_id
+  type: keyword
+- name: 'ingest_timestamp'
+  type: date
+- name: '@timestamp'
+  type: date
+
+# Via https://github.com/elastic/kibana/blob/main/x-pack/plugins/security_solution/common/utils/risk_score_modules.ts#L253-L298
diff --git a/packages/host_risk_score/elasticsearch/transform/pivot_transform/transform.yml b/packages/host_risk_score/elasticsearch/transform/pivot_transform/transform.yml
new file mode 100644
index 00000000000..a966f901e08
--- /dev/null
+++ b/packages/host_risk_score/elasticsearch/transform/pivot_transform/transform.yml
@@ -0,0 +1,158 @@
+dest:
+  index: ".alerts-security.host-risk-score"
+  pipeline: 0.1.0-ml_hostriskscore_ingest_pipeline
+description: This transform runs hourly and calculates a risk score and risk level for hosts in a Kibana space
+frequency: 1h
+pivot:
+  aggregations:
+    "@timestamp":
+      max:
+        field: "@timestamp"
+    host.risk:
+      scripted_metric:
+        combine_script: return state
+        init_script: |-
+          state.rule_risk_stats = new HashMap();
+          state.host_variant_set = false;
+          state.host_variant = new String();
+          state.tactic_ids = new HashSet();
+        map_script: |-
+          // Get the host variant
+          if (state.host_variant_set == false) {
+              if (doc.containsKey("host.os.full") && doc["host.os.full"].size() != 0) {
+                  state.host_variant = doc["host.os.full"].value;
+                  state.host_variant_set = true;
+              }
+          }
+          // Aggregate all the tactics seen on the host
+          if (doc.containsKey("signal.rule.threat.tactic.id") && doc["signal.rule.threat.tactic.id"].size() != 0) {
+              state.tactic_ids.add(doc["signal.rule.threat.tactic.id"].value);
+          }
+          // Get running sum of time-decayed risk score per rule name per shard
+          String rule_name = doc["signal.rule.name"].value;
+          def stats = state.rule_risk_stats.getOrDefault(rule_name, [0.0,"",false]);
+          int time_diff = (int)((System.currentTimeMillis() - doc["@timestamp"].value.toInstant().toEpochMilli()) / (1000.0 * 60.0 * 60.0));
+          double risk_derate = Math.min(1, Math.exp((params.lookback_time - time_diff) / params.time_decay_constant));
+          stats[0] = Math.max(stats[0], doc["signal.rule.risk_score"].value * risk_derate);
+          if (stats[2] == false) {
+              stats[1] = doc["kibana.alert.rule.uuid"].value;
+              stats[2] = true;
+          }
+          state.rule_risk_stats.put(rule_name, stats);
+        params:
+          lookback_time: 72
+          max_risk: 100
+          p: 1.5
+          server_multiplier: 1.5
+          tactic_base_multiplier: 0.25
+          tactic_weights:
+            TA0001: 1
+            TA0002: 2
+            TA0003: 3
+            TA0004: 4
+            TA0005: 4
+            TA0006: 4
+            TA0007: 4
+            TA0008: 5
+            TA0009: 6
+            TA0010: 7
+            TA0011: 6
+            TA0040: 8
+            TA0042: 1
+            TA0043: 1
+          time_decay_constant: 6
+          zeta_constant: 2.612
+        reduce_script: |-
+          // Consolidating time decayed risks and tactics from across all shards
+          Map total_risk_stats = new HashMap();
+          String host_variant = new String();
+          def tactic_ids = new HashSet();
+          for (state in states) {
+              for (key in state.rule_risk_stats.keySet()) {
+                  def rule_stats = state.rule_risk_stats.get(key);
+                  def stats = total_risk_stats.getOrDefault(key, [0.0,"",false]);
+                  stats[0] = Math.max(stats[0], rule_stats[0]);
+                  if (stats[2] == false) {
+                      stats[1] = rule_stats[1];
+                      stats[2] = true;
+                  }
+                  total_risk_stats.put(key, stats);
+              }
+              if (host_variant.length() == 0) {
+                  host_variant = state.host_variant;
+              }
+              tactic_ids.addAll(state.tactic_ids);
+          }
+          // Consolidating individual rule risks and arranging them in decreasing order
+          List risks = new ArrayList();
+          for (key in total_risk_stats.keySet()) {
+              risks.add(total_risk_stats[key][0])
+          }
+          Collections.sort(risks, Collections.reverseOrder());
+          // Calculating total host risk score
+          double total_risk = 0.0;
+          double risk_cap = params.max_risk * params.zeta_constant;
+          for (int i=0;i<risks.length;i++) {
+              total_risk += risks[i] / Math.pow((1+i), params.p);
+          }
+          // Normalizing the host risk score
+          double total_norm_risk = 100 * total_risk / risk_cap;
+          if (total_norm_risk < 40) {
+              total_norm_risk =  2.125 * total_norm_risk;
+          }
+          else if (total_norm_risk >= 40 && total_norm_risk < 50) {
+              total_norm_risk = 85 + (total_norm_risk - 40);
+          }
+          else {
+              total_norm_risk = 95 + (total_norm_risk - 50) / 10;
+          }
+          // Calculating multipliers to the host risk score
+          double risk_multiplier = 1.0;
+          List multipliers = new ArrayList();
+          // Add a multiplier if host is a server
+          if (host_variant.toLowerCase().contains("server")) {
+              risk_multiplier *= params.server_multiplier;
+              multipliers.add("Host is a server");
+          }
+          // Add based on number and diversity of tactics seen on the host
+          for (String tactic : tactic_ids) {
+              multipliers.add("Tactic "+tactic);
+              risk_multiplier *= 1 + params.tactic_base_multiplier * params.tactic_weights.getOrDefault(tactic, 0);
+          }
+          // Calculating final risk
+          double final_risk = total_norm_risk;
+          if (risk_multiplier > 1.0) {
+              double prior_odds = (total_norm_risk) / (100 - total_norm_risk);
+              double updated_odds = prior_odds * risk_multiplier;
+              final_risk = 100 * updated_odds / (1 + updated_odds);
+          }
+          // Adding additional metadata
+          List rule_stats = new ArrayList();
+          for (key in total_risk_stats.keySet()) {
+              Map temp = new HashMap();
+              temp["rule_name"] = key;
+              temp["rule_risk"] = total_risk_stats[key][0];
+              temp["rule_id"] = total_risk_stats[key][1];
+              rule_stats.add(temp);
+          }
+          return ["calculated_score_norm": final_risk, "rule_risks": rule_stats, "multipliers": multipliers];
+  group_by:
+    host.name:
+      terms:
+        field: host.name
+source:
+  index:
+    - ".alerts-security.alerts-default"
+  query:
+    bool:
+      filter:
+        - range:
+            "@timestamp":
+              gte: now-5d
+sync:
+  time:
+    delay: 120s
+    field: "@timestamp"
+_meta:
+  fleet_transform_version: 0.1.0
+  order: 1
diff --git a/packages/host_risk_score/img/icon-machine-learning.svg b/packages/host_risk_score/img/icon-machine-learning.svg
new file mode 100644
index 00000000000..f72fa354d8a
--- /dev/null
+++ b/packages/host_risk_score/img/icon-machine-learning.svg
@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 32 32">
+  <path fill="#00BFB3" fill-rule="evenodd" d="M10 17.9714v.559c0 .431-.275.812-.684.948L3 21.5834V9.97139c0-.313.149-.612.4-.8l3.2-2.4-1.2-1.6-3.201 2.4c-.751.564-1.199 1.461-1.199 2.4V21.9714c0 .939.448 1.836 1.2 2.4l3.2 2.4 1.2-1.6-2.473-1.855 5.822-1.94c1.227-.409 2.051-1.553 2.051-2.846v-.559h-2ZM29.8002 7.57139l-3.2-2.4-1.2 1.6 3.199 2.4c.251.188.401.487.401.8V21.5834l-6.316-2.105c-.409-.136-.684-.517-.684-.949v-.558h-2v.558c0 1.293.824 2.438 2.051 2.847l5.822 1.94-2.473 1.855 1.2 1.6 3.2-2.4c.751-.564 1.2-1.461 1.2-2.4V9.97139c0-.939-.449-1.836-1.2-2.4" clip-rule="evenodd"/>
+  <path fill="#535766" fill-rule="evenodd" d="M11 1.97125c-.267 0-.518.104-.707.293-.189.189-.293.44-.293.707 0 .267.104.518.293.707.378.378 1.037.378 1.414 0 .189-.189.293-.44.293-.707 0-.267-.104-.518-.293-.707-.189-.189-.44-.293-.707-.293m0 4c-.801 0-1.555-.312-2.122-.879-.566-.566-.878-1.32-.878-2.121 0-.801.312-1.555.879-2.122 1.133-1.132 3.109-1.133 4.243.001.566.566.878 1.32.878 2.121 0 .801-.312 1.555-.878 2.121h-.001v.001c-.566.566-1.32.878-2.121.878M11 27.9713c-.267 0-.518.104-.707.293-.189.189-.293.44-.293.707 0 .267.104.518.293.707.378.378 1.037.378 1.414 0 .189-.189.293-.44.293-.707 0-.267-.104-.518-.293-.707-.189-.189-.44-.293-.707-.293m0 4c-.801 0-1.555-.3121-2.122-.8791-.566-.566-.878-1.3199-.878-2.1209 0-.801.312-1.5551.879-2.1221 1.133-1.1319 3.109-1.1329 4.243.001.566.566.878 1.3201.878 2.1211 0 .801-.312 1.5549-.878 2.1209h-.001v.001c-.566.566-1.32.8781-2.121.8781M11 11.9713c-.267 0-.518.104-.707.293-.189.189-.293.44-.293.707 0 .267.104.518.293.707.378.378 1.037.378 1.414 0 .189-.189.293-.44.293-.707 0-.267-.104-.518-.293-.707-.189-.189-.44-.293-.707-.293m0 4c-.801 0-1.555-.3121-2.122-.8791-.566-.566-.878-1.3199-.878-2.1209 0-.801.312-1.5551.879-2.1221 1.133-1.13195 3.109-1.13295 4.243.001.566.566.878 1.3201.878 2.1211 0 .801-.312 1.5549-.878 2.1209h-.001v.001c-.566.566-1.32.8781-2.121.8781M21 1.97125c-.267 0-.518.104-.707.293-.189.189-.293.44-.293.707 0 .267.104.518.293.707.377.378 1.037.378 1.414 0 .189-.189.293-.44.293-.707 0-.267-.104-.518-.293-.707-.189-.189-.44-.293-.707-.293m0 4c-.801 0-1.555-.312-2.121-.878v-.001h-.001c-.566-.566-.878-1.32-.878-2.121 0-.801.312-1.555.879-2.122 1.133-1.132 3.109-1.133 4.243.001.566.566.878 1.32.878 2.121 0 .801-.312 1.555-.879 2.122-.566.566-1.32.878-2.121.878M21 27.9713c-.267 0-.518.104-.707.293-.189.189-.293.44-.293.707 0 .267.104.518.293.707.377.378 1.037.378 1.414 0 .189-.189.293-.44.293-.707 0-.267-.104-.518-.293-.707-.189-.189-.44-.293-.707-.293m0 4c-.801 0-1.555-.3121-2.121-.8781v-.001h-.001c-.566-.566-.878-1.3199-.878-2.1209 0-.801.312-1.5551.879-2.1221 1.133-1.1319 3.109-1.1329 4.243.001.566.566.878 1.3201.878 2.1211 0 .801-.312 1.5549-.879 2.1219-.566.566-1.32.8781-2.121.8781M21 11.9713c-.267 0-.518.104-.707.293-.189.189-.293.44-.293.707 0 .267.104.518.293.707.377.378 1.037.378 1.414 0 .189-.189.293-.44.293-.707 0-.267-.104-.518-.293-.707-.189-.189-.44-.293-.707-.293m0 4c-.801 0-1.555-.3121-2.121-.8781v-.001h-.001c-.566-.566-.878-1.3199-.878-2.1209 0-.801.312-1.5551.879-2.1221 1.133-1.13195 3.109-1.13295 4.243.001.566.566.878 1.3201.878 2.1211 0 .801-.312 1.5549-.879 2.1219-.566.566-1.32.8781-2.121.8781" clip-rule="evenodd"/>
+</svg>
diff --git a/packages/host_risk_score/img/sample-screenshot.png b/packages/host_risk_score/img/sample-screenshot.png
new file mode 100644
index 00000000000..913d7d85d86
Binary files /dev/null and b/packages/host_risk_score/img/sample-screenshot.png differ
diff --git a/packages/host_risk_score/manifest.yml b/packages/host_risk_score/manifest.yml
new file mode 100644
index 00000000000..303e6814d21
--- /dev/null
+++ b/packages/host_risk_score/manifest.yml
@@ -0,0 +1,24 @@
+format_version: 1.0.0
+name: host_risk_score
+title: "Host Risk Score"
+version: 0.1.0
+license: basic
+description: "The host risk score feature highlights risky hosts from within your environment."
+type: integration
+categories:
+  - security
+release: experimental
+conditions:
+  kibana.version: "^8.7.0"
+screenshots:
+  - src: /img/sample-screenshot.png
+    title: Sample screenshot
+    size: 600x600
+    type: image/png
+icons:
+  - src: /img/icon-machine-learning.svg
+    title: Sample logo
+    size: 32x32
+    type: image/svg+xml
+owner:
+  github: elastic/ml-ui