diff --git a/cmake/cpack/CMakeCPackOptions.cmake b/cmake/cpack/CMakeCPackOptions.cmake
index e28dfa10ede..18bc5a6ba19 100644
--- a/cmake/cpack/CMakeCPackOptions.cmake
+++ b/cmake/cpack/CMakeCPackOptions.cmake
@@ -1,11 +1,13 @@
 if(CPACK_GENERATOR MATCHES "DEB")
 list(APPEND CPACK_INSTALL_COMMANDS "mkdir -p _CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")
 list(APPEND CPACK_INSTALL_COMMANDS "cp scripts/debian/falco.service _CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")
+ list(APPEND CPACK_INSTALL_COMMANDS "cp scripts/debian/falco_inject_kmod.service _CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")
 endif()
 
 if(CPACK_GENERATOR MATCHES "RPM")
 list(APPEND CPACK_INSTALL_COMMANDS "mkdir -p _CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")
 list(APPEND CPACK_INSTALL_COMMANDS "cp scripts/rpm/falco.service _CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")
+ list(APPEND CPACK_INSTALL_COMMANDS "cp scripts/rpm/falco_inject_kmod.service _CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")
 endif()
 
 if(CPACK_GENERATOR MATCHES "TGZ")
diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt
index 676044ac126..61172f6fff0 100644
--- a/scripts/CMakeLists.txt
+++ b/scripts/CMakeLists.txt
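Review bot: The staging path `_CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system` is now spelled out six times across the DEB and RPM branches, and each added `cp` line copies it verbatim once more. Setting it once above both branches, `set(unit_stage_dir "_CPack_Packages/${CPACK_TOPLEVEL_TAG}/${CPACK_GENERATOR}/${CPACK_PACKAGE_FILE_NAME}/usr/lib/systemd/system")`, and using `${unit_stage_dir}` in every `mkdir -p`/`cp` command keeps the two branches from drifting the next time a unit file is added. A short comment above the DEB branch saying that these commands stage systemd units into the package tree because they are not part of the normal `install()` rules would also help, since that is not obvious from the `list(APPEND CPACK_INSTALL_COMMANDS ...)` calls alone. The TGZ branch that starts on the hunk's last line continues outside it.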
@@ -22,6 +22,9 @@ configure_file(debian/prerm.in debian/prerm)
 file(COPY "${PROJECT_SOURCE_DIR}/scripts/debian/falco.service"
 DESTINATION "${PROJECT_BINARY_DIR}/scripts/debian")
 
+file(COPY "${PROJECT_SOURCE_DIR}/scripts/debian/falco_inject_kmod.service"
+ DESTINATION "${PROJECT_BINARY_DIR}/scripts/debian")
+
 configure_file(rpm/postinstall.in rpm/postinstall)
 configure_file(rpm/postuninstall.in rpm/postuninstall)
 configure_file(rpm/preuninstall.in rpm/preuninstall)
@@ -29,6 +32,9 @@ configure_file(rpm/preuninstall.in rpm/preuninstall)
 file(COPY "${PROJECT_SOURCE_DIR}/scripts/rpm/falco.service"
 DESTINATION "${PROJECT_BINARY_DIR}/scripts/rpm")
 
+file(COPY "${PROJECT_SOURCE_DIR}/scripts/rpm/falco_inject_kmod.service"
+ DESTINATION "${PROJECT_BINARY_DIR}/scripts/rpm")
+
 configure_file(falco-driver-loader falco-driver-loader @ONLY)
 
 if(CMAKE_SYSTEM_NAME MATCHES "Linux")
diff --git a/scripts/debian/falco.service b/scripts/debian/falco.service
index 35ae6ba8fe9..0e3e16ce176 100644
--- a/scripts/debian/falco.service
+++ b/scripts/debian/falco.service
@@ -1,11 +1,12 @@
 [Unit]
 Description=Falco: Container Native Runtime Security
 Documentation=https://falco.org/docs/
+After=falco_inject_kmod.service
+Requires=falco_inject_kmod.service
 
 [Service]
 Type=simple
 User=root
-ExecStartPre=/sbin/modprobe falco
 ExecStart=/usr/bin/falco --pidfile=/var/run/falco.pid
 ExecStopPost=/sbin/rmmod falco
 UMask=0077
@@ -17,6 +18,7 @@ NoNewPrivileges=yes
 ProtectHome=read-only
 ProtectSystem=full
 ProtectKernelTunables=true
+ReadWritePaths=/sys/module/falco
 RestrictRealtime=true
 RestrictAddressFamilies=~AF_PACKET
diff --git a/scripts/debian/falco_inject_kmod.service b/scripts/debian/falco_inject_kmod.service
new file mode 100644
index 00000000000..204e695f923
--- /dev/null
+++ b/scripts/debian/falco_inject_kmod.service
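Review bot: Loading the module now happens in falco_inject_kmod.service, but unloading stays in this unit's `ExecStopPost=/sbin/rmmod falco`, so the module's lifetime is split across two units and the new `Requires=falco_inject_kmod.service` says nothing about whether the module is still loaded once the oneshot has exited. If that split is intended, a comment above `After=` such as `# falco_inject_kmod.service loads the module; this unit unloads it in ExecStopPost` would save the next reader the cross-reference. Otherwise the unload belongs in the kmod unit as `RemainAfterExit=yes` plus `ExecStop=/sbin/rmmod falco`, so that stopping the unit that owns the module also stops falco through `Requires=` before the module is removed. The identical hunk in scripts/rpm/falco.service has the same issue.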
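Review bot: `ReadWritePaths=/sys/module/falco` opens a write exception into the sysfs that `ProtectKernelTunables=true` two lines above makes read-only, and nothing in the unit records why the falco process needs write access there. A comment directly above it, `# write access to the module's sysfs entry is needed for <reason>; the rest of /sys stays read-only via ProtectKernelTunables=` with the real reason filled in, lets a later hardening pass tell a deliberate exception from a leftover. If the writes turn out to be confined to one subdirectory (the `parameters/` tree, presumably — confirm against the driver), narrowing the path to that subdirectory keeps the exception minimal. The same line is added to scripts/rpm/falco.service.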
@@ -0,0 +1,16 @@
+[Unit]
+Description=Falco: Container Native Runtime Security
+Documentation=https://falco.org/docs/
+Before=falco.service
+Wants=falco.service
+
+[Service]
+Type=oneshot
+User=root
+ExecStart=/sbin/modprobe falco
+Restart=on-failure
+TimeoutSec=30s
+RestartSec=15s
+
+[Install]
+WantedBy=multi-user.target
diff --git a/scripts/rpm/falco.service b/scripts/rpm/falco.service
index ede6c2e356d..1d66d440712 100644
--- a/scripts/rpm/falco.service
+++ b/scripts/rpm/falco.service
@@ -1,11 +1,12 @@
 [Unit]
 Description=Falco: Container Native Runtime Security
 Documentation=https://falco.org/docs/
+After=falco_inject_kmod.service
+Requires=falco_inject_kmod.service
 
 [Service]
 Type=simple
 User=root
-ExecStartPre=/sbin/modprobe falco
 ExecStart=/usr/bin/falco --pidfile=/var/run/falco.pid
 ExecStopPost=/sbin/rmmod falco
 UMask=0077
@@ -17,6 +18,7 @@ NoNewPrivileges=yes
 ProtectHome=read-only
 ProtectSystem=full
 ProtectKernelTunables=true
+ReadWritePaths=/sys/module/falco
 RestrictRealtime=true
 RestrictAddressFamilies=~AF_PACKET
 StandardOutput=null
diff --git a/scripts/rpm/falco_inject_kmod.service b/scripts/rpm/falco_inject_kmod.service
new file mode 100644
index 00000000000..204e695f923
--- /dev/null
+++ b/scripts/rpm/falco_inject_kmod.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Falco: Container Native Runtime Security
+Documentation=https://falco.org/docs/
+Before=falco.service
+Wants=falco.service
+
+[Service]
+Type=oneshot
+User=root
+ExecStart=/sbin/modprobe falco
+Restart=on-failure
+TimeoutSec=30s
+RestartSec=15s
+
+[Install]
+WantedBy=multi-user.target
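Review bot: `Restart=on-failure` combined with `Type=oneshot` is refused by older systemd releases (the restriction that oneshot units may only use `Restart=no` was relaxed only in 2023), so on distributions shipping such a systemd the unit does not load at all and, because falco.service now carries `Requires=falco_inject_kmod.service`, falco itself will not start; unless the supported-platform list has been checked, drop `Restart=on-failure` and `RestartSec=15s` and let a failed modprobe surface as a failed `Requires=` dependency. `Description=` is copied verbatim from falco.service, which makes the two units indistinguishable in `systemctl status` and journal output; `Description=Falco: load the falco kernel module` would fix that. The unit runs `/sbin/modprobe falco` as root with the full capability set although the only privilege it needs is module loading, so `CapabilityBoundingSet=CAP_SYS_MODULE` together with `ProtectHome=yes` and `PrivateNetwork=yes` is a cheap least-privilege gain worth testing here. Adding `RemainAfterExit=yes` would also make the unit's active state track the loaded module instead of dropping to inactive right after modprobe returns. scripts/rpm/falco_inject_kmod.service is byte-identical and needs the same changes.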