diff --git a/chart/templates/grafana/values.yaml b/chart/templates/grafana/values.yaml
index 7f19e78a59a03f5f9cef8bce63b5e4b8ceb89cd3..1d3fa27dd11e6983a6da204164a1a0b807c1cc79 100644
--- a/chart/templates/grafana/values.yaml
+++ b/chart/templates/grafana/values.yaml
@@ -35,6 +35,12 @@ gitlabRunner:
 istio:
   {{- $grafanaInjection := dig "istio" "injection" "enabled" .Values.grafana }}
   enabled: {{ .Values.istio.enabled }}
+  hardened:
+    {{- if or (dig "values" "istio" "hardened" "enabled" false .Values.monitoring) (dig "values" "istio" "hardened" "enabled" false .Values.grafana) }}
+    enabled: true
+    {{- else }}
+    enabled: false
+    {{- end }}
   grafana:
     enabled: true
     gateways:
diff --git a/chart/templates/mattermost/values.yaml b/chart/templates/mattermost/values.yaml
index a12f753d99896e56be5ad6ffd87202ab72fad653..e56065b6a775f5e9ca22021048b6755b332010c1 100644
--- a/chart/templates/mattermost/values.yaml
+++ b/chart/templates/mattermost/values.yaml
@@ -21,6 +21,11 @@ istio:
     gateways:
     - istio-system/{{ default "public" .Values.addons.mattermost.ingress.gateway }}
   injection: {{ ternary "enabled" "disabled" $istioInjection }}
+  hardened:
+    clusterAuditor:
+      enabled: {{ .Values.clusterAuditor.enabled }}
+    kyvernoReporter:
+      enabled: {{ .Values.kyvernoReporter.enabled }}
 
 {{- if $istioInjection }}
 podAnnotations:
diff --git a/chart/templates/monitoring/values.yaml b/chart/templates/monitoring/values.yaml
index 8f42fab6a6fe058478e72c8cf07234dd9b7b4c7b..a02fadd4e6ec4de08ce7375c933d9e75974b6e82 100644
--- a/chart/templates/monitoring/values.yaml
+++ b/chart/templates/monitoring/values.yaml
@@ -36,6 +36,12 @@ gitlabRunner:
 istio:
   {{- $monitoringInjection := dig "istio" "injection" "enabled" .Values.monitoring }}
   enabled: {{ .Values.istio.enabled }}
+  hardened:
+    {{- if or (dig "values" "istio" "hardened" "enabled" false .Values.monitoring) (dig "values" "istio" "hardened" "enabled" false .Values.grafana) }}
+    enabled: true
+    {{- else }}
+    enabled: false
+    {{- end }}
   prometheus:
     enabled: true
     {{- if and .Values.monitoring.sso.enabled (eq $monitoringInjection "disabled") }}
diff --git a/chart/values.yaml b/chart/values.yaml
index ef02b99d8164f2e376846a754d7d940f0d53b298..7c8a7728053677ec2dea7648f094294c041d91b1 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -869,11 +869,11 @@ monitoring:
   git:
     repo: https://repo1.dso.mil/big-bang/product/packages/monitoring.git
     path: "./chart"
-    tag: "56.2.1-bb.3"
+    tag: "56.2.1-bb.9"
   helmRepo:
     repoName: "registry1"
     chartName: "monitoring"
-    tag: "56.2.1-bb.3"
+    tag: "56.2.1-bb.9"
 
   # -- Flux reconciliation overrides specifically for the Monitoring Package
   flux:
@@ -1640,11 +1640,11 @@ addons:
     git:
       repo: https://repo1.dso.mil/big-bang/product/packages/mattermost.git
       path: "./chart"
-      tag: "9.5.1-bb.1"
+      tag: "9.5.1-bb.2"
     helmRepo:
       repoName: "registry1"
       chartName: "mattermost"
-      tag: "9.5.1-bb.1"
+      tag: "9.5.1-bb.2"
 
     # -- Flux reconciliation overrides specifically for the Mattermost Package
     flux: {}
diff --git a/tests/test-values.yaml b/tests/test-values.yaml
index 1f0001275ecd19938b160dfd572d7de5780ebd82..cf490f2d2a9f31f60f7aa8b20db063432ab93b9f 100644
--- a/tests/test-values.yaml
+++ b/tests/test-values.yaml
@@ -955,6 +955,9 @@ monitoring:
     alertmanager:
       client_id: dev_00eb8904-5b88-4c68-ad67-cec0d2e07aa6_alertmanager
   values:
+    istio:
+      hardened:
+        enabled: true
     prometheus:
       prometheusSpec:
         replicas: 1
@@ -980,6 +983,7 @@ monitoring:
       enabled: true
       cypress:
         envs:
+          cypress_bigbang_integration: 'true'
           cypress_prometheus_url: 'https://prometheus.bigbang.dev'
           cypress_grafana_url: 'https://grafana.bigbang.dev'
           cypress_alertmanager_url: 'https://alertmanager.bigbang.dev'
@@ -996,6 +1000,45 @@ grafana:
       client_id: dev_00eb8904-5b88-4c68-ad67-cec0d2e07aa6_grafana
       scopes: "openid Grafana"
   values:
+    istio:
+      hardened:
+        enabled: true
+        customServiceEntries:
+          - name: "allow-npm-for-cypress-tests"
+            enabled: true
+            spec:
+              hosts:
+                - 'registry.npmjs.org'
+                - 'download.cypress.io'
+                - 'cdn.cypress.io'
+              location: MESH_EXTERNAL
+              ports:
+                - number: 443
+                  protocol: TLS
+                  name: https
+              resolution: DNS
+          - name: "allow-repo1-for-cypress"
+            enabled: true
+            spec:
+              hosts:
+                - 'repo1.dso.mil'
+              location: MESH_EXTERNAL
+              ports:
+                - number: 443
+                  protocol: TLS
+                  name: https
+              resolution: DNS
+          - name: "allow-grafana-for-cypress"
+            enabled: true
+            spec:
+              hosts:
+                - 'grafana.bigbang.dev'
+              location: MESH_EXTERNAL
+              ports:
+                - number: 443
+                  protocol: TLS
+                  name: https
+              resolution: DNS
     dashboards:
       default:
         k8s-deployment:
@@ -1646,6 +1689,16 @@ addons:
       istio:
         hardened:
           enabled: true
+          customAuthorizationPolicies:
+            - name: "test-for-allowing-monitoring"
+              enabled: true
+              spec:
+                action: ALLOW
+                rules:
+                  - from:
+                    - source:
+                        namespaces:
+                          - monitoring
       postgresql:
         persistence:
           size: 256Mi