diff --git a/charts/opentelemetry-ebpf/templates/cloud-collector-deployment.yaml b/charts/opentelemetry-ebpf/templates/cloud-collector-deployment.yaml
index 513dea4996..5c335a9159 100644
--- a/charts/opentelemetry-ebpf/templates/cloud-collector-deployment.yaml
+++ b/charts/opentelemetry-ebpf/templates/cloud-collector-deployment.yaml
@@ -102,7 +102,8 @@ spec:
 {{- end }}
 {{- end }}
 terminationGracePeriodSeconds: 30
- securityContext: {}
+ securityContext:
+{{ toYaml .Values.cloudCollector.securityContext | indent 8 }}
 serviceAccountName: {{ include "opentelemetry-collector-cloud-collector.serviceAccountName" . }}
 {{- with .Values.cloudCollector.nodeSelector }}
 nodeSelector:
diff --git a/charts/opentelemetry-ebpf/templates/kernel-collector-daemonset.yaml b/charts/opentelemetry-ebpf/templates/kernel-collector-daemonset.yaml
index ed37644034..1dc1d27694 100644
--- a/charts/opentelemetry-ebpf/templates/kernel-collector-daemonset.yaml
+++ b/charts/opentelemetry-ebpf/templates/kernel-collector-daemonset.yaml
@@ -150,7 +150,7 @@ spec:
 {{- end }}
 dnsPolicy: ClusterFirstWithHostNet
 hostNetwork: true
- hostPID: true
+ hostPID: false
 serviceAccountName: {{ include "opentelemetry-collector-kernel-collector.serviceAccountName" . }}
 volumes:
 - name: {{ include "opentelemetry-ebpf.fullname" . }}-config
diff --git a/charts/opentelemetry-ebpf/values.yaml b/charts/opentelemetry-ebpf/values.yaml
index c0bd9fabb8..7a6e8b6825 100644
--- a/charts/opentelemetry-ebpf/values.yaml
+++ b/charts/opentelemetry-ebpf/values.yaml
@@ -67,7 +67,17 @@ cloudCollector:
 registry: ""
 tag: ""
 name: opentelemetry-ebpf-cloud-collector
-
+ resources:
+ requests:
+ memory: "256Mi"
+ cpu: "250m"
+ limits:
+ memory: "512Mi"
+ cpu: "500m"
+ securityContext:
+ runAsUser: 1000
+ runAsNonRoot: true
+ readOnlyRootFilesystem: true
 serviceAccount:
 create: true
 name: ""
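Review bot: `readOnlyRootFilesystem` is a container-level field, but the `securityContext:` rendered in the cloud-collector-deployment.yaml hunk sits beside `terminationGracePeriodSeconds` and `serviceAccountName`, which looks like the pod spec. The pod-level security context does not define that field, so depending on API-server field validation the manifest is either rejected or applied without the read-only root filesystem taking effect; the default that triggers this is set in the values.yaml hunk of the same commit. Keep `runAsUser` and `runAsNonRoot` at pod level and render `readOnlyRootFilesystem: true` under the collector container's own `securityContext`. The pod spec starts and ends outside the hunk, and the collapsed layout hides indentation, so the nesting level should be confirmed against the rendered manifest (`helm template`).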
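Review bot: `hostPID: false` in kernel-collector-daemonset.yaml is hard-coded with no comment and no values toggle, while `hostNetwork: true` on the line above is unchanged, so the pod still shares the host network namespace. Dropping host PID sharing narrows what the pod can see of host processes, but an eBPF kernel collector may rely on host PID visibility to attribute sockets to processes; that cannot be verified from this hunk and should be checked on a test node before release. A comment above the line would record the intent, for example `# hostPID disabled to limit host process visibility; verify process attribution still works`. The pod spec continues outside the hunk.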
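Review bot: Nothing in this commit's template hunks reads `cloudCollector.resources`, so unless the deployment template already renders it outside the visible lines, the new requests and limits in values.yaml are dead values. The new `securityContext` default also stops short of the usual container hardening: `allowPrivilegeEscalation: false` and `capabilities: {drop: ["ALL"]}` are absent, and both are container-level settings. The added keys carry no comments; a line such as `# Security context for the cloud collector; runAsUser must exist in the image` would help chart users. Indentation is not recoverable from the collapsed layout, so confirm that `resources` and `securityContext` are siblings of `image` rather than nested under it.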