diff --git a/defaults/01_redhat_operators.cr.yaml b/defaults/01_redhat_operators.cr.yaml
index f07b97cf3..200d9c44b 100644
--- a/defaults/01_redhat_operators.cr.yaml
+++ b/defaults/01_redhat_operators.cr.yaml
@@ -15,6 +15,7 @@ spec:
     registryPoll:
       interval: 10m
   grpcPodConfig:
+    securityContextConfig: restricted
     nodeSelector:
         node-role.kubernetes.io/master: ""
         kubernetes.io/os: "linux"
diff --git a/defaults/02_certified_operators.yaml b/defaults/02_certified_operators.yaml
index 8db11a9e9..efd3e9bd5 100644
--- a/defaults/02_certified_operators.yaml
+++ b/defaults/02_certified_operators.yaml
@@ -15,6 +15,7 @@ spec:
     registryPoll:
       interval: 10m
   grpcPodConfig:
+    securityContextConfig: restricted
     nodeSelector:
         node-role.kubernetes.io/master: ""
         kubernetes.io/os: "linux"
diff --git a/defaults/03_community_operators.yaml b/defaults/03_community_operators.yaml
index a5e7f2c5b..d375e8974 100644
--- a/defaults/03_community_operators.yaml
+++ b/defaults/03_community_operators.yaml
@@ -15,6 +15,7 @@ spec:
     registryPoll:
       interval: 10m
   grpcPodConfig:
+    securityContextConfig: restricted
     nodeSelector:
         node-role.kubernetes.io/master: ""
         kubernetes.io/os: "linux"
diff --git a/defaults/04_redhat_marketplace.yaml b/defaults/04_redhat_marketplace.yaml
index 8c30307d2..17a9f488b 100644
--- a/defaults/04_redhat_marketplace.yaml
+++ b/defaults/04_redhat_marketplace.yaml
@@ -15,6 +15,7 @@ spec:
     registryPoll:
       interval: 10m
   grpcPodConfig:
+    securityContextConfig: restricted
     nodeSelector:
         node-role.kubernetes.io/master: ""
         kubernetes.io/os: "linux"
diff --git a/manifests/01_namespace.yaml b/manifests/01_namespace.yaml
index cd7e3c69c..18b32340d 100644
--- a/manifests/01_namespace.yaml
+++ b/manifests/01_namespace.yaml
@@ -10,6 +10,8 @@ metadata:
     capability.openshift.io/name: "marketplace"
   labels:
     openshift.io/cluster-monitoring: "true"
-    pod-security.kubernetes.io/enforce: restricted
-    pod-security.kubernetes.io/enforce-version: v1.24
+    pod-security.kubernetes.io/enforce: baseline
+    pod-security.kubernetes.io/enforce-version: v1.25
+    pod-security.kubernetes.io/audit: restricted
+    pod-security.kubernetes.io/warn: restricted
   name: "openshift-marketplace"