diff --git a/Dockerfile b/Dockerfile
index 9c8e53b..28a16c2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -15,13 +15,18 @@ RUN uv pip install --system "guarddog>=2.10.0"
 
 RUN mkdir -p /data /tmp/guarddog-nexus
 
+RUN groupadd -r app && useradd -r -g app app && \
+    chown -R app:app /app /data /tmp/guarddog-nexus
+
+USER app
+
 ENV DATABASE_PATH=/data/guarddog.db
 ENV TEMP_DIR=/tmp/guarddog-nexus
 ENV PYTHONDONTWRITEBYTECODE=1
 
 EXPOSE 8080
 
-HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
-    CMD python -c "from urllib.request import urlopen; urlopen('http://localhost:8080/health')"
+HEALTHCHECK --interval=30s --timeout=3s --start-period=15s --retries=3 \
+    CMD curl -sf http://localhost:8080/health/dependencies || exit 1
 
 CMD ["python", "-m", "guarddog_nexus.main"]
diff --git a/docker-compose.yml b/docker-compose.yml
index 5dfe6e3..200e558 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -32,6 +32,12 @@ services:
     volumes:
       - nexus-data:/nexus-data
     restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "curl", "-sf", "http://localhost:8081/service/rest/v1/status"]
+      interval: 15s
+      timeout: 5s
+      start_period: 60s
+      retries: 10
 
   nexus-setup:
     image: alpine:3.21