diff --git a/bundle/manifests/node-healthcheck-operator.clusterserviceversion.yaml b/bundle/manifests/node-healthcheck-operator.clusterserviceversion.yaml
index c90f70ab9..436fac3a0 100644
--- a/bundle/manifests/node-healthcheck-operator.clusterserviceversion.yaml
+++ b/bundle/manifests/node-healthcheck-operator.clusterserviceversion.yaml
@@ -525,6 +525,7 @@ spec:
                   capabilities:
                     drop:
                     - ALL
+                  readOnlyRootFilesystem: true
               priorityClassName: system-cluster-critical
               securityContext:
                 runAsNonRoot: true
diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
index f223ec7dd..64389bbd1 100644
--- a/config/manager/manager.yaml
+++ b/config/manager/manager.yaml
@@ -40,6 +40,7 @@ spec:
                 fieldPath: metadata.namespace
         securityContext:
           allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
           capabilities:
             drop:
               - ALL
diff --git a/config/optional/console-plugin/deployment.yaml b/config/optional/console-plugin/deployment.yaml
index 024b9a4cf..2cd65b4d1 100644
--- a/config/optional/console-plugin/deployment.yaml
+++ b/config/optional/console-plugin/deployment.yaml
@@ -28,6 +28,7 @@ spec:
             memory: 50Mi
         securityContext:
           allowPrivilegeEscalation: false
+          readOnlyRootFilesystem: true
           capabilities:
             drop:
             - ALL