diff --git a/values.yaml b/values.yaml
index 445d84c..8134ed6 100644
--- a/values.yaml
+++ b/values.yaml
@@ -252,20 +252,28 @@ injector:
 certName: tls.crt
 keyName: tls.key
- # Security context for the pod template and the injector container
- # The default pod securityContext is:
- # runAsNonRoot: true
- # runAsGroup: {{ .Values.injector.gid | default 1000 }}
- # runAsUser: {{ .Values.injector.uid | default 100 }}
- # fsGroup: {{ .Values.injector.gid | default 1000 }}
- # and for container is
- # allowPrivilegeEscalation: false
- # capabilities:
- # drop:
- # - ALL
- securityContext:
- pod: {}
- container: {}
+ # Security context for the pod template and the injector container
+ # The default pod securityContext is:
+ # runAsNonRoot: true
+ # runAsGroup: {{ .Values.injector.gid | default 1000 }}
+ # runAsUser: {{ .Values.injector.uid | default 100 }}
+ # fsGroup: {{ .Values.injector.gid | default 1000 }}
+ # and for container is
+ # allowPrivilegeEscalation: false
+ # capabilities:
+ # drop:
+ # - ALL
+ #securityContext:
+ # pod: {}
+ # container: {}
+ securityContext:
+ pod:
+ runAsNonRoot: true
+ container:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
 resources: {}
 # resources:
@@ -1031,9 +1039,17 @@ server:
 # If not set, these will default to, and for OpenShift:
 # pod: {}
 # container: {}
- securityContext:
- pod: {}
- container: {}
+ #securityContext:
+ # pod: {}
+ # container: {}
+ securityContext:
+ pod:
+ runAsNonRoot: true
+ container:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
 # Should the server pods run on the host network
 hostNetwork: false
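Review bot: Setting `securityContext.pod` to a map that holds only `runAsNonRoot: true` likely replaces, rather than merges with, the default pod context documented in the comment just above (`runAsGroup`, `runAsUser`, `fsGroup`); the templates are not part of this diff, so confirm how they treat a non-empty value. If it replaces, the pod keeps `runAsNonRoot: true` with no `runAsUser`, and the kubelet refuses to start a container whose image user is root or non-numeric. Restating the documented defaults next to the new key avoids that: `runAsUser: 100`, `runAsGroup: 1000`, `fsGroup: 1000`. The server hunk at `@@ -1031,9 +1039,17 @@` has the same shape, and there a missing `fsGroup` may also change ownership of mounted data volumes.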
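Review bot: The added `#securityContext:` / `# pod: {}` / `# container: {}` lines land directly under the existing comment that already lists `# pod: {}` and `# container: {}` as the OpenShift defaults, so the documentation now shows the same pair twice and no longer says what the active values enforce. I would drop the three commented-out lines (here and in the injector hunk) and add one comment above the key, e.g. `# Hardened override: non-root, no privilege escalation, all capabilities dropped`. If the aim is the restricted Pod Security Standard, the pod context also needs `seccompProfile` with `type: RuntimeDefault`, which neither hunk sets.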