diff --git a/k8s/apps/hexound/deployment.yaml b/k8s/apps/hexound/deployment.yaml
index 1616508..087517a 100644
--- a/k8s/apps/hexound/deployment.yaml
+++ b/k8s/apps/hexound/deployment.yaml
@@ -1,11 +1,10 @@
----
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: hexound
   namespace: hexound
 spec:
-  replicas: TST
+  replicas: 1
   selector:
     matchLabels:
       app: hexound
@@ -35,8 +34,14 @@ spec:
           volumeMounts:
             - name: hexound-repo
               mountPath: /var/www/html
+              readOnly: true
+          securityContext:
+            readOnlyRootFilesystem: true
+            allowPrivilegeEscalation: false
+            runAsNonRoot: true
+            runAsUser: 101
+            runAsGroup: 101
           ports:
             - name: http
               containerPort: 8080
-              protocol: TCP
-
+              protocol: TCP
\ No newline at end of file