diff --git a/umami/config/umami.env b/umami/config/umami.env
index 772c162..fcbce2d 100644
Binary files a/umami/config/umami.env and b/umami/config/umami.env differ
diff --git a/umami/resources/deployment.yaml b/umami/resources/deployment.yaml
index 17add72..6044d09 100644
--- a/umami/resources/deployment.yaml
+++ b/umami/resources/deployment.yaml
@@ -37,6 +37,12 @@ spec:
             limits:
               memory: "384Mi"
               cpu: "250m"
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            readOnlyRootFilesystem: true
       containers:
         - name: umami
           image: umami
@@ -54,11 +60,11 @@ spec:
                 name: umami-config
           resources:
             requests:
-              memory: "256Mi"
-              cpu: "50m"
+              memory: "64Mi"
+              cpu: "150m"
             limits:
-              memory: "384Mi"
-              cpu: "100m"
+              memory: "256Mi"
+              cpu: "300m"
           ports:
           - containerPort: 3000
             protocol: TCP
@@ -80,7 +86,7 @@ spec:
             capabilities:
               drop:
                 - ALL
-            readOnlyRootFilesystem: false
+            readOnlyRootFilesystem: true
       affinity:
         nodeAffinity:
           preferredDuringSchedulingIgnoredDuringExecution: