diff --git a/charts/haproxy/templates/daemonset.yaml b/charts/haproxy/templates/daemonset.yaml
index 5118cbe4..aaa2a28f 100644
--- a/charts/haproxy/templates/daemonset.yaml
+++ b/charts/haproxy/templates/daemonset.yaml
@@ -37,6 +37,7 @@ spec:
 annotations:
 scheduler.alpha.kubernetes.io/critical-pod: ''
 spec:
+{{ dict "envAll" $envAll "application" "haproxy_anchor" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
 tolerations:
 - key: node-role.kubernetes.io/master
 effect: NoSchedule
@@ -48,6 +49,7 @@ spec:
 - name: anchor
 image: {{ .Values.images.tags.anchor }}
 imagePullPolicy: {{ .Values.images.pull_policy }}
+{{ dict "envAll" $envAll "application" "haproxy_anchor" "container" "anchor" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
 env:
 - name: HAPROXY_HEADER
 value: /tmp/etc/haproxy.cfg.header
diff --git a/charts/haproxy/values.yaml b/charts/haproxy/values.yaml
index 373bf6af..de9d60ae 100644
--- a/charts/haproxy/values.yaml
+++ b/charts/haproxy/values.yaml
@@ -72,6 +72,14 @@ endpoints:
 port: 6553
 pod:
+ security_context:
+ haproxy_anchor:
+ pod:
+ runAsUser: 65534
+ container:
+ anchor:
+ allowPrivilegeEscalation: false
+ readOnlyRootFilesystem: true
 lifecycle:
 upgrades:
 daemonsets:
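Review bot: The pod-level context rendered under the inner `spec:` applies to every container in this pod template, not only `anchor`, and the rest of the pod spec lies outside the hunk. With the `runAsUser: 65534` default from values.yaml and no `fsGroup`, any volume the containers write to keeps its existing ownership, so a root-owned mount would presumably become unwritable for them. I would add a template comment above the include, e.g. `{{/* pod runs as pod.security_context.haproxy_anchor.pod; writable mounts must be usable by that UID */}}`, and confirm the mounts against the full template before merging.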
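Review bot: `readOnlyRootFilesystem: true` now applies to the `anchor` container, while the env block directly below the include points `HAPROXY_HEADER` at `/tmp/etc/haproxy.cfg.header`. If the anchor creates or updates anything under `/tmp/etc`, that path has to be backed by a volumeMount, otherwise the write fails at runtime rather than at render time. The container's volumeMounts are outside this hunk, so this needs checking against the full template. A short comment next to the include naming the writable mounts the container depends on would keep the two in step.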
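Review bot: The new defaults under `pod.security_context.haproxy_anchor` set a UID but do not assert it: without `runAsNonRoot: true` in the `pod:` map, an override that drops `runAsUser` falls back to the image's user and the kubelet would not refuse to start the container as root. The `anchor:` map also leaves the runtime's default capability set in place; if the anchor needs none, `capabilities: {drop: [ALL]}` alongside `allowPrivilegeEscalation: false` closes that. The key names `haproxy_anchor` and `anchor` are coupled to the string arguments in templates/daemonset.yaml, which deserves a one-line comment such as `# keys must match the application/container names passed to the helm-toolkit snippets in templates/daemonset.yaml`.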