diff --git a/memcached/templates/statefulset.yaml b/memcached/templates/statefulset.yaml
index 6d4c4f44d..77692d1bb 100644
--- a/memcached/templates/statefulset.yaml
+++ b/memcached/templates/statefulset.yaml
@@ -132,6 +132,6 @@ spec:
 - name: memcached-bin
 configMap:
 name: {{ $configMapBinName | quote }}
- defaultMode: 0555
+ defaultMode: 360
 {{ dict "envAll" $envAll "component" "memcached" "requireSys" true | include "helm-toolkit.snippets.kubernetes_apparmor_volumes" | indent 8 }}
 {{- end }}
diff --git a/memcached/values.yaml b/memcached/values.yaml
index 895a6b69a..41fcb5086 100644
--- a/memcached/values.yaml
+++ b/memcached/values.yaml
@@ -150,13 +150,21 @@ pod:
 server:
 pod:
 runAsUser: 65534
+ runAsNonRoot: true
+ fsGroup: 65534
 container:
 memcached:
 allowPrivilegeEscalation: false
 readOnlyRootFilesystem: true
+ capabilities:
+ drop:
+ - ALL
 memcached_exporter:
 allowPrivilegeEscalation: false
 readOnlyRootFilesystem: true
+ capabilities:
+ drop:
+ - ALL
 probes:
 memcached:
 memcached:
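Review bot: The new `defaultMode: 360` is an unexplained decimal literal, and it is not the decimal form of the old value: 360 is octal 0550, whereas 0555 is 365, so this line also removes the world read/execute bits. That tightening looks intended, but files in a configMap volume are normally owned by root, so the non-root user (65534) would reach the scripts only through the group bits, which depend on the `fsGroup: 65534` added in the values.yaml hunk of this commit. I would record that on the line, e.g. `defaultMode: 360  # octal 0550 (r-xr-x---); needs pod fsGroup for non-root access`, so that a values override dropping fsGroup does not leave the scripts unreadable without explanation. The volumes list starts and ends outside this hunk.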
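Review bot: Neither the pod context nor the two container contexts set a seccomp profile, which is one of the settings the Pod Security Standards "restricted" profile requires alongside the `runAsNonRoot: true`, `allowPrivilegeEscalation: false` and `capabilities` drop `ALL` entries present after this hunk. Unless it is already supplied elsewhere in the chart or by a cluster default, consider adding `seccompProfile:` with `type: RuntimeDefault` under the pod-level context next to `fsGroup: 65534`. Indentation is lost in this view and the enclosing mapping starts outside the hunk, so the exact nesting should be checked against the file.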