diff --git a/docker-compose.local.yml b/docker-compose.local.yml
index 3bfc6db..3792e3e 100644
--- a/docker-compose.local.yml
+++ b/docker-compose.local.yml
@@ -46,8 +46,11 @@ services:
 - no-new-privileges:true
 cap_drop:
 - ALL
- mem_limit: 1g
- cpus: 1.0
+ deploy:
+ resources:
+ limits:
+ cpus: '1.0'
+ memory: 1G
 
 postgres:
 image: postgres:16-alpine
@@ -72,8 +75,11 @@ services:
 - no-new-privileges:true
 cap_drop:
 - ALL
- mem_limit: 512m
- cpus: 0.5
+ deploy:
+ resources:
+ limits:
+ cpus: '0.5'
+ memory: 512M
 
 minio:
 image: minio/minio:latest
@@ -98,8 +104,11 @@ services:
 - no-new-privileges:true
 cap_drop:
 - ALL
- mem_limit: 512m
- cpus: 0.5
+ deploy:
+ resources:
+ limits:
+ cpus: '0.5'
+ memory: 512M
 
 minio-init:
 image: minio/mc:latest
@@ -119,8 +128,11 @@ services:
 - no-new-privileges:true
 cap_drop:
 - ALL
- mem_limit: 128m
- cpus: 0.25
+ deploy:
+ resources:
+ limits:
+ cpus: '0.25'
+ memory: 128M
 
 redis:
 image: redis:7-alpine
@@ -141,8 +153,11 @@ services:
 - no-new-privileges:true
 cap_drop:
 - ALL
- mem_limit: 256m
- cpus: 0.25
+ deploy:
+ resources:
+ limits:
+ cpus: '0.25'
+ memory: 256M
 
 volumes:
 postgres-data-local:
diff --git a/docker-compose.yml b/docker-compose.yml
index d0ba98f..00dcc73 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -44,8 +44,11 @@ services:
 - no-new-privileges:true
 cap_drop:
 - ALL
- mem_limit: 1g
- cpus: 1.0
+ deploy:
+ resources:
+ limits:
+ cpus: '1.0'
+ memory: 1G
 
 postgres:
 image: containers.global.bsf.tools/postgres:16-alpine
@@ -70,8 +73,11 @@ services:
 - no-new-privileges:true
 cap_drop:
 - ALL
- mem_limit: 512m
- cpus: 0.5
+ deploy:
+ resources:
+ limits:
+ cpus: '0.5'
+ memory: 512M
 
 minio:
 image: containers.global.bsf.tools/minio/minio:latest
@@ -96,8 +102,11 @@ services:
 - no-new-privileges:true
 cap_drop:
 - ALL
- mem_limit: 512m
- cpus: 0.5
+ deploy:
+ resources:
+ limits:
+ cpus: '0.5'
+ memory: 512M
 
 minio-init:
 image: containers.global.bsf.tools/minio/mc:latest
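Review bot: The `deploy.resources.limits` blocks added here are only enforced when the Compose implementation honours `deploy` outside Swarm: Docker Compose v2 does, but the legacy `docker-compose` v1 binary reading a 3.x-format file ignores `deploy` unless it is run with `--compatibility`. The same applies to the other four hunks in this file and to all five hunks in docker-compose.yml. Because this commit also drops the KICS exclusions for "Cpus Not Limited" and "Memory Not Limited", the scan would presumably pass on the presence of the keys even where containers run unbounded, so I would add a comment above the first `deploy:` such as `# limits need Docker Compose v2 (or --compatibility on docker-compose v1)` and confirm on a running stack that `docker inspect` reports non-zero `HostConfig.Memory` and `HostConfig.NanoCpus`. The service this first hunk belongs to begins above the hunk, so its name is not visible here.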
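Review bot: The trailing context of this hunk shows `image: minio/minio:latest`, and the following hunk shows `image: minio/mc:latest`; the commit leaves both unchanged, so the MinIO images stay on a floating tag while postgres and redis are pinned to a version. A pull can therefore bring in a different image with no change in the repository, and the hardening done in these files would then apply to content nobody reviewed. Consider pinning both to a release tag or digest, e.g. `image: minio/minio:<RELEASE_TAG>@sha256:<DIGEST>` (placeholders), here and in the mirrored entries of docker-compose.yml.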
@@ -117,8 +126,11 @@ services:
 - no-new-privileges:true
 cap_drop:
 - ALL
- mem_limit: 128m
- cpus: 0.25
+ deploy:
+ resources:
+ limits:
+ cpus: '0.25'
+ memory: 128M
 
 redis:
 image: containers.global.bsf.tools/redis:7-alpine
@@ -139,8 +151,11 @@ services:
 - no-new-privileges:true
 cap_drop:
 - ALL
- mem_limit: 256m
- cpus: 0.25
+ deploy:
+ resources:
+ limits:
+ cpus: '0.25'
+ memory: 256M
 
 volumes:
 postgres-data:
diff --git a/kics.config b/kics.config
index bae145f..5572c19 100644
--- a/kics.config
+++ b/kics.config
@@ -23,13 +23,3 @@ exclude-queries:
 # Reason: We intentionally don't pin curl version to get security updates.
 # This is documented with hadolint ignore comment in Dockerfile.
 - 965a08d7-ef86-4f14-8792-4a3b2098937e
-
- # Cpus Not Limited (LOW)
- # Reason: Local development docker-compose files. Resource limits are set in
- # production Kubernetes deployments via Helm values, not docker-compose.
- - 6b610c50-99fb-4ef0-a5f3-e312fd945bc3
-
- # Memory Not Limited (MEDIUM)
- # Reason: Local development docker-compose files. Resource limits are set in
- # production Kubernetes deployments via Helm values, not docker-compose.
- - bb9ac4f7-e13b-423d-a010-c74a1bfbe492