diff --git a/opencti-platform/Dockerfile b/opencti-platform/Dockerfile
index b1474b4e1012..ec97eb59c773 100644
--- a/opencti-platform/Dockerfile
+++ b/opencti-platform/Dockerfile
@@ -95,7 +95,7 @@ RUN set -ex \
 -S \
 -u "${UID}" \
 "${USERNAME}" \
- && install -o "${UID}" -g "${GID}" -m 0750 -d '/opt/opencti/logs'
+ && install -o "${UID}" -g "${GID}" -m 0752 -d '/opt/opencti/logs'
 VOLUME ["/opt/opencti/logs"]
diff --git a/opencti-platform/Dockerfile_circleci b/opencti-platform/Dockerfile_circleci
index 79514367d049..5f6818c693d1 100644
--- a/opencti-platform/Dockerfile_circleci
+++ b/opencti-platform/Dockerfile_circleci
@@ -48,9 +48,30 @@ COPY --from=graphql-builder /opt/opencti-build/opencti-graphql/public ./public
 COPY opencti-graphql/src ./src
 COPY opencti-graphql/config ./config
 COPY opencti-graphql/script ./script
+
+ARG UID=10000
+ARG GID=10001
+ARG USERNAME="_opencti"
+
 ENV PYTHONUNBUFFERED=1
 ENV NODE_OPTIONS=--max_old_space_size=12288
 ENV NODE_ENV=production
+RUN set -ex \
+ ; addgroup -g "${GID}" -S "${USERNAME}" \
+ && adduser \
+ -h /opt/opencti \
+ -g "OpenCTI privsep user" \
+ -s "/sbin/nologin" \
+ -G "${USERNAME}" \
+ -S \
+ -u "${UID}" \
+ "${USERNAME}" \
+ && install -o "${UID}" -g "${GID}" -m 0752 -d '/opt/opencti/logs'
+
+VOLUME ["/opt/opencti/logs"]
+
+USER "${USERNAME}"
+
 ENTRYPOINT ["/sbin/tini", "--"]
 CMD ["node", "build/back.js"]
diff --git a/opencti-platform/Dockerfile_circleci_fips b/opencti-platform/Dockerfile_circleci_fips
index c85cb6bc9891..dea6fd51d6ff 100644
--- a/opencti-platform/Dockerfile_circleci_fips
+++ b/opencti-platform/Dockerfile_circleci_fips
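Review bot: In opencti-platform/Dockerfile, mode `0752` on `/opt/opencti/logs` sets the write bit for "other" without the search bit. On a directory that grants no usable access, yet the path will now be reported as world-writable by permission audits and image scanners. The diff does not show which account the extra bit is meant for; if a second account needs the logs, group ownership with `-m 0770` would express that, and otherwise `-m 0750` should stay, with a comment above the `install` line saying who is expected to read or write there. The same `install` line is changed in the Dockerfile_fips hunk and added in the new RUN blocks of Dockerfile_circleci and Dockerfile_circleci_fips. The RUN instruction begins above this hunk.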
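Review bot: In opencti-platform/Dockerfile_circleci, `USER "${USERNAME}"` records a named account in the image, which a runtime enforcing a non-root policy (for example Kubernetes `runAsNonRoot`) cannot verify and will refuse to start. The UID and GID are already build args in this stage, so `USER "${UID}:${GID}"` selects the same account in a form that can be checked. The files copied earlier in the stage stay root-owned and only `/opt/opencti/logs` is handed to the new account, so it is worth confirming the process writes nowhere else at runtime; that part of the stage is above this hunk. The identical block is added to Dockerfile_circleci_fips, and both would benefit from a comment above the RUN such as `# Create an unprivileged system account; the platform must not run as root`.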
@@ -41,9 +41,30 @@ COPY --from=graphql-builder /opt/opencti-build/opencti-graphql/public ./public
 COPY opencti-graphql/src ./src
 COPY opencti-graphql/config ./config
 COPY opencti-graphql/script ./script
+
+ARG UID=10000
+ARG GID=10001
+ARG USERNAME="_opencti"
+
 ENV PYTHONUNBUFFERED=1
 ENV NODE_OPTIONS="--force-fips --max_old_space_size=12288"
 ENV NODE_ENV=production
+RUN set -ex \
+ ; addgroup -g "${GID}" -S "${USERNAME}" \
+ && adduser \
+ -h /opt/opencti \
+ -g "OpenCTI privsep user" \
+ -s "/sbin/nologin" \
+ -G "${USERNAME}" \
+ -S \
+ -u "${UID}" \
+ "${USERNAME}" \
+ && install -o "${UID}" -g "${GID}" -m 0752 -d '/opt/opencti/logs'
+
+VOLUME ["/opt/opencti/logs"]
+
+USER "${USERNAME}"
+
 ENTRYPOINT ["/sbin/tini", "--"]
 CMD ["node", "build/back.js"]
diff --git a/opencti-platform/Dockerfile_fips b/opencti-platform/Dockerfile_fips
index 96c32c841e6b..b306fc6c556a 100644
--- a/opencti-platform/Dockerfile_fips
+++ b/opencti-platform/Dockerfile_fips
@@ -83,7 +83,7 @@ RUN set -ex \
 -S \
 -u "${UID}" \
 "${USERNAME}" \
- && install -o "${UID}" -g "${GID}" -m 0750 -d '/opt/opencti/logs'
+ && install -o "${UID}" -g "${GID}" -m 0752 -d '/opt/opencti/logs'
 VOLUME ["/opt/opencti/logs"]