diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml
index fe19caf36b3..5959e300821 100644
--- a/.github/workflows/benchmarks.yml
+++ b/.github/workflows/benchmarks.yml
@@ -61,7 +61,7 @@ jobs:
       GOBENCH_USERNAME: ${{ secrets.GOBENCH_USERNAME }}
       GOBENCH_HOST: ${{ secrets.GOBENCH_HOST }}
       # temporarily override to get faster feedback
-      BENCHMARK_WARMUP_TIME: 1m
+      BENCHMARK_WARMUP_TIME: 5m
       BENCHMARK_COUNT: 2
       BENCHMARK_TIME: 1m
     steps:
@@ -120,7 +120,7 @@ jobs:
         if: ${{ inputs.runStandalone }}
         run: |
           make moxy
-          cd ../.. && make build/apm-server-linux-amd64 && mv build/apm-server-linux-amd64 build/apm-server
+          make apm-server
 
       - name: Override docker committed version
         if: ${{ ! inputs.runOnStable && ! inputs.runStandalone}}
diff --git a/systemtest/cmd/moxy/.gitignore b/systemtest/cmd/moxy/.gitignore
new file mode 100644
index 00000000000..48537ea034d
--- /dev/null
+++ b/systemtest/cmd/moxy/.gitignore
@@ -0,0 +1 @@
+moxy
diff --git a/systemtest/cmd/moxy/main.go b/systemtest/cmd/moxy/main.go
index ed7c63d42c4..cf3c4cebd88 100644
--- a/systemtest/cmd/moxy/main.go
+++ b/systemtest/cmd/moxy/main.go
@@ -3,6 +3,7 @@ package main
 import (
 	"bufio"
 	"bytes"
+	"encoding/base64"
 	"flag"
 	"fmt"
 	"io"
@@ -19,6 +20,8 @@ func main() {
 		"loglevel", zapcore.InfoLevel,
 		"set log level to one of: DEBUG, INFO (default), WARN, ERROR, DPANIC, PANIC, FATAL",
 	)
+	username := flag.String("username", "elastic", "authentication username to mimic ES")
+	password := flag.String("password", "", "authentication username to mimic ES")
 	flag.Parse()
 	zapcfg := zap.NewProductionConfig()
 	zapcfg.EncoderConfig.EncodeTime = zapcore.RFC3339TimeEncoder
@@ -29,24 +32,59 @@ func main() {
 	if err != nil {
 		panic(err)
 	}
+	if *username == "" || *password == "" {
+		logger.Fatal("both username and password are required")
+	}
 	defer logger.Sync()
 	s := http.Server{
 		Addr:    ":9200",
-		Handler: handler(logger),
+		Handler: handler(logger, *username, *password),
 	}
 	if err := s.ListenAndServe(); err != nil {
 		logger.Fatal("listen error", zap.Error(err))
 	}
 }
 
-func handler(logger *zap.Logger) http.Handler {
+func handler(logger *zap.Logger, username, password string) http.Handler {
+	expectedAuth := fmt.Sprintf("%s:%s", username, password)
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.Header().Set("X-Elastic-Product", "Elasticsearch")
-		first := true
+		auth := r.Header.Get("Authorization")
+		actualAuth, err := base64.StdEncoding.DecodeString(auth)
+		if err != nil || string(actualAuth) != expectedAuth {
+			logger.Error(
+				"authentication failed",
+				zap.Error(err),
+				zap.String("actual", string(actualAuth)),
+				zap.String("expected", expectedAuth),
+			)
+			// w.WriteHeader(http.StatusUnauthorized)
+			return
+		}
 		switch r.URL.Path {
+		case "/":
+			// MIS doesn't use this route, but apm-server checks for cluster_uuid
+			w.Write([]byte(`{
+			"name": "instance-0000000001",
+			"cluster_name": "eca3b3c3bbee4816bb92f82184e328dd",
+			"cluster_uuid": "cc49813b6b8e2138fbb8243ae2b3deed",
+			"version": {
+				"number": "8.15.1",
+				"build_flavor": "default",
+				"build_type": "docker",
+				"build_hash": "253e8544a65ad44581194068936f2a5d57c2c051",
+				"build_date": "2024-09-02T22:04:47.310170297Z",
+				"build_snapshot": false,
+				"lucene_version": "9.11.1",
+				"minimum_wire_compatibility_version": "7.17.0",
+				"minimum_index_compatibility_version": "7.0.0"
+			},
+			"tagline": "You Know, for Search"
+			}`))
 		case "/_security/user/_has_privileges":
 			w.Write([]byte(`{"username":"admin","has_all_requested":true,"cluster":{},"index":{},"application":{"apm":{"-":{"event:write":true}}}}`))
 		case "/_bulk":
+			first := true
 			var body io.Reader
 			switch r.Header.Get("Content-Encoding") {
 			case "gzip":
diff --git a/testing/benchmark/Makefile b/testing/benchmark/Makefile
index b300ff0de0e..560e3567300 100644
--- a/testing/benchmark/Makefile
+++ b/testing/benchmark/Makefile
@@ -6,6 +6,9 @@ MOXY_PATH ?= ../../systemtest/cmd/moxy
 MOXY_GOOS ?= linux
 MOXY_GOARCH ?= amd64
 
+APM_SERVER_GOOS ?= linux
+APM_SERVER_GOARCH ?= amd64
+
 TFVARS_SOURCE ?= terraform.tfvars.example
 
 BENCHMARK_WARMUP_TIME ?= 5m
@@ -76,6 +79,10 @@ moxy:
 	@echo "-> Building moxy..."
 	@cd $(MOXY_PATH) && CGO_ENABLED=0 GOOS=$(MOXY_GOOS) GOARCH=$(MOXY_GOARCH) go build .
 
+.PHONY: apm-server
+apm-server:
+	@cd ../.. && make build/apm-server-$(APM_SERVER_GOOS)-$(APM_SERVER_GOARCH) && mv build/apm-server-$(APM_SERVER_GOOS)-$(APM_SERVER_GOARCH) build/apm-server
+
 .PHONY: init
 init:
 	@terraform init
diff --git a/testing/benchmark/main.tf b/testing/benchmark/main.tf
index 240ac11a4b6..42ae7d4c968 100644
--- a/testing/benchmark/main.tf
+++ b/testing/benchmark/main.tf
@@ -35,7 +35,9 @@ module "tags" {
   project = startswith(var.user_name, "benchci") ? "benchmarks" : var.user_name
 }
 
-provider "ec" {}
+provider "ec" {
+  apikey = "aaa"
+}
 
 provider "aws" {
   region = var.worker_region
@@ -127,7 +129,7 @@ module "benchmark_worker" {
   private_key = var.private_key
 
   tags       = merge(local.ci_tags, module.tags.tags)
-  depends_on = [module.vpc]
+  depends_on = [module.moxy, module.ec_deployment]
 }
 
 module "moxy" {
@@ -158,9 +160,9 @@ module "standalone_apm_server" {
   aws_provisioner_key_name = var.private_key
 
   elasticsearch_url      = module.moxy[0].moxy_url
-  elasticsearch_username = ""
-  elasticsearch_password = ""
+  elasticsearch_username = "elastic"
+  elasticsearch_password = module.moxy[0].moxy_password
 
   tags       = merge(local.ci_tags, module.tags.tags)
-  depends_on = [module.vpc]
+  depends_on = [module.moxy]
 }
diff --git a/testing/benchmark/outputs.tf b/testing/benchmark/outputs.tf
index d222ab4cf6b..079aea7e934 100644
--- a/testing/benchmark/outputs.tf
+++ b/testing/benchmark/outputs.tf
@@ -26,13 +26,13 @@ output "kibana_url" {
 }
 
 output "apm_secret_token" {
-  value       = var.run_standalone ? module.standalone_apm_server[0].apm_server_url : module.ec_deployment[0].apm_url
+  value       = var.run_standalone ? module.standalone_apm_server[0].apm_secret_token : module.ec_deployment[0].apm_secret_token
   description = "The APM Server secret token"
   sensitive   = true
 }
 
 output "apm_server_url" {
-  value       = var.run_standalone ? module.standalone_apm_server[0].apm_secret_token : module.ec_deployment[0].apm_secret_token
+  value       = var.run_standalone ? module.standalone_apm_server[0].apm_server_url : module.ec_deployment[0].apm_url
   description = "The APM Server URL"
   sensitive   = true
 }
diff --git a/testing/benchmark/variables.tf b/testing/benchmark/variables.tf
index fc12a72dd88..43c7cb86a97 100644
--- a/testing/benchmark/variables.tf
+++ b/testing/benchmark/variables.tf
@@ -1,12 +1,13 @@
 ## General configuration
 
 variable "user_name" {
+  default     = "test-kostya-vpc-bench-apm"
   description = "Required username to use for prefixes"
   type        = string
 }
 
 variable "run_standalone" {
-  default     = false
+  default     = true
   description = "If set run benchmarks against standalone APM Server conneted to moxy"
   type        = bool
 }
diff --git a/testing/infra/terraform/modules/moxy/main.tf b/testing/infra/terraform/modules/moxy/main.tf
index ffbeb9cb3cf..0429d76d164 100644
--- a/testing/infra/terraform/modules/moxy/main.tf
+++ b/testing/infra/terraform/modules/moxy/main.tf
@@ -83,8 +83,9 @@ resource "aws_instance" "moxy" {
   provisioner "remote-exec" {
     inline = [
       "sudo cp ${local.bin_path} moxy",
-      "chmod +x moxy",
-      "./moxy &"
+      "sudo chmod +x moxy",
+      "screen -d -m ./moxy -password=${random_password.moxy_password.result}",
+      "sleep 1"
     ]
   }
 
@@ -95,3 +96,9 @@ resource "aws_key_pair" "provisioner_key" {
   public_key = file("${var.aws_provisioner_key_name}.pub")
   tags       = var.tags
 }
+
+
+resource "random_password" "moxy_password" {
+  length  = 16
+  special = false
+}
diff --git a/testing/infra/terraform/modules/moxy/outputs.tf b/testing/infra/terraform/modules/moxy/outputs.tf
index a9c9844a84b..89414843b6b 100644
--- a/testing/infra/terraform/modules/moxy/outputs.tf
+++ b/testing/infra/terraform/modules/moxy/outputs.tf
@@ -1,4 +1,10 @@
 output "moxy_url" {
   value       = "http://${aws_instance.moxy.public_ip}:${local.moxy_port}"
-  description = "The Moxy Server URL"
+  description = "The Moxy server URL"
+}
+
+output "moxy_password" {
+  value       = random_password.moxy_password.result
+  description = "The Moxy password for communication"
+  sensitive   = true
 }
diff --git a/testing/infra/terraform/modules/standalone_apm_server/main.tf b/testing/infra/terraform/modules/standalone_apm_server/main.tf
index 47a2e129a89..c638a040808 100644
--- a/testing/infra/terraform/modules/standalone_apm_server/main.tf
+++ b/testing/infra/terraform/modules/standalone_apm_server/main.tf
@@ -202,9 +202,11 @@ resource "aws_instance" "apm" {
         "sleep 1",
         ] : [
         "sudo cp ${local.bin_path} apm-server",
-        "chmod +x apm-server",
+        "sudo chmod +x apm-server",
         "sudo cp ${local.conf_path} apm-server.yml",
-        "./apm-server &"
+        "sudo mkdir -m 777 /var/log/apm-server",
+        "screen -d -m ./apm-server",
+        "sleep 1"
       ]
     )
   }