diff --git a/.github/workflows/helm-test.yaml b/.github/workflows/helm-test.yaml
index 66b298f..3690b32 100644
--- a/.github/workflows/helm-test.yaml
+++ b/.github/workflows/helm-test.yaml
@@ -50,3 +50,14 @@ jobs:
 exit 0
 fi
 helm unittest deploy/charts/version-checker
+
+ security_policies:
+ name: Verify that the Helm chart complies with the pod security standards
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+ - name: Install Kyverno CLI
+ uses: kyverno/action-install-cli@v0.2.0
+ - uses: azure/setup-helm@v3
+ - run: kyverno apply -p https://github.com/kyverno/policies/pod-security/restricted --git-branch main --resource <(helm template deploy/charts/version-checker/)
diff --git a/deploy/charts/version-checker/tests/deployment_test.yaml b/deploy/charts/version-checker/tests/deployment_test.yaml
index 029416a..0a538f7 100644
--- a/deploy/charts/version-checker/tests/deployment_test.yaml
+++ b/deploy/charts/version-checker/tests/deployment_test.yaml
@@ -432,7 +432,14 @@ tests:
 runAsUser: 65534
 securityContext:
 allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
 readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
 asserts:
 - equal:
 path: spec.template.spec.securityContext
@@ -442,4 +449,11 @@ tests:
 path: spec.template.spec.containers[0].securityContext
 value:
 allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
 readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
diff --git a/deploy/charts/version-checker/values.yaml b/deploy/charts/version-checker/values.yaml
index 427043b..5d6f39a 100644
--- a/deploy/charts/version-checker/values.yaml
+++ b/deploy/charts/version-checker/values.yaml
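Review bot: The two new actions in the `steps` list are pinned only by mutable tags (`kyverno/action-install-cli@v0.2.0`, `azure/setup-helm@v3`) while the `actions/checkout` step right above them is pinned to a full commit SHA with the version in a trailing comment; a tag can be moved by the action's publisher, so the job's supply-chain posture is only as strong as its weakest pin. Bring the two new steps in line with the existing convention, e.g. `uses: kyverno/action-install-cli@<commit-sha> # v0.2.0` and `uses: azure/setup-helm@<commit-sha> # v3`, with the SHAs taken from the respective releases. The policy source on the `run:` line is floating as well: `--git-branch main` evaluates whatever kyverno/policies holds on main at run time, so this check can start failing, or quietly weaken, without any change in this repository; pointing at a release branch or vendoring a copy of the restricted policies into the repo would make the result reproducible. The process substitution `<(helm template …)` also depends on the job's default shell being bash, which is worth making explicit with `shell: bash` on that step.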
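Review bot: The values added under `securityContext:` in the block before `asserts:` (which from the surrounding context looks like the test's `set:` input) are identical to the defaults that this same commit writes into values.yaml, so the `equal` assert in the second hunk of this file (`@@ -442,4 +449,11 @@`) would pass just as well if the override were ignored and the template simply rendered its defaults. To keep the override test meaningful, use values that differ from the defaults for this case (constructed example: `runAsUser: 1000` and a `seccompProfile.type` other than `RuntimeDefault`) and add a separate case with no `set:` that asserts the default rendering, so a regression in either path is caught. Whether `set:` is the enclosing key is inferred; the test definition starts above the first hunk.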
@@ -127,16 +127,15 @@ resources:
 # -- Set container-level security context
 securityContext:
- {}
- # allowPrivilegeEscalation: false
- # capabilities:
- # drop:
- # - ALL
- # readOnlyRootFilesystem: true
- # runAsNonRoot: true
- # runAsUser: 65534
- # seccompProfile:
- # type: RuntimeDefault
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ runAsUser: 65534
+ seccompProfile:
+ type: RuntimeDefault
 # -- Set pod-level security context
 podSecurityContext: {}
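Review bot: The `# -- Set container-level security context` helm-docs line now sits above a fully populated default but does not tell a chart user how to relax it: Helm merges user values over these defaults, so someone who puts `securityContext: {}` in their own values file still gets the full hardened block, and an individual key can only be removed by setting it to `null`. Extend the comment along the lines of `# -- Set container-level security context. Defaults satisfy the restricted Pod Security Standard; override individual keys, or set a key to null to drop it.` The `seccompProfile` field is only understood by Kubernetes 1.19 and later, so if the chart's `kubeVersion` constraint (not visible here) still admits older clusters, the API server there will drop or reject the field and the hardening silently does not apply. `podSecurityContext: {}` is left empty, which the restricted policy set presumably accepts because `runAsNonRoot`/`runAsUser` are set at container level; a one-line comment saying so would stop a later contributor from duplicating the keys at pod level.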