diff --git a/pillar/top.sls b/pillar/top.sls
index faf0387a6..5401b83e3 100644
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -110,6 +110,9 @@ base:
 - elasticsearch.eval
 {% if salt['file.file_exists']('/opt/so/saltstack/local/pillar/elasticsearch/auth.sls') %}
 - elasticsearch.auth
+{% endif %}
+{% if salt['file.file_exists']('/opt/so/saltstack/local/pillar/kibana/secrets.sls') %}
+ - kibana.secrets
 {% endif %}
 - global
 - minions.{{ grains.id }}
diff --git a/salt/kibana/config.map.jinja b/salt/kibana/config.map.jinja
index 351ccdbe5..58f1fbf67 100644
--- a/salt/kibana/config.map.jinja
+++ b/salt/kibana/config.map.jinja
@@ -6,8 +6,10 @@
 {% do KIBANACONFIG.kibana.config.xpack.update({'security': {'authc': {'providers': {'anonymous': {'anonymous1': {'order': 0, 'credentials': 'elasticsearch_anonymous_user'}}}}}}) %}
 {% endif %}
-{% if salt['file.file_exists']('/opt/so/saltstack/local/pillar/kibana/secrets.sls') %}
- {% do KIBANACONFIG.kibana.config.xpack.update({'encryptedSavedObjects': {'encryptionKey': pillar['kibana']['secrets']['encryptedSavedObjects']['encryptionKey'] }}) %}
+{% if salt['pillar.get']('kibana:secrets') %}
+ {% do KIBANACONFIG.kibana.config.xpack.update({'encryptedSavedObjects': {'encryptionKey': pillar['kibana']['secrets']['encryptedSavedObjects']['encryptionKey']}}) %}
+ {% do KIBANACONFIG.kibana.config.xpack.security.update({'encryptionKey': pillar['kibana']['secrets']['security']['encryptionKey']}) %}
+ {% do KIBANACONFIG.kibana.config.xpack.update({'reporting': {'encryptionKey': pillar['kibana']['secrets']['reporting']['encryptionKey']}}) %}
 {% endif %}
 {% set KIBANACONFIG = salt['pillar.get']('kibana:config', default=KIBANACONFIG.kibana.config, merge=True) %}
diff --git a/salt/kibana/defaults.yaml b/salt/kibana/defaults.yaml
index feb49f654..58632907c 100644
--- a/salt/kibana/defaults.yaml
+++ b/salt/kibana/defaults.yaml
@@ -30,3 +30,5 @@ kibana:
 xpack:
 ml:
 enabled: False
+ security:
+ secureCookies: True
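Review bot: In salt/kibana/config.map.jinja the new guard `salt['pillar.get']('kibana:secrets')` is true as soon as any key exists under kibana:secrets, yet the two added lines index `pillar['kibana']['secrets']['security']['encryptionKey']` and `pillar['kibana']['secrets']['reporting']['encryptionKey']` directly. A node whose secrets.sls pillar was written before this change holds only encryptedSavedObjects, so this map would presumably fail to render until the kibana.secrets state has rewritten the file. Look each key up on its own and guard its update separately, for example `{% set SECKEY = salt['pillar.get']('kibana:secrets:security:encryptionKey') %}` followed by `{% if SECKEY %}` around the `xpack.security.update(...)` line, and the same for reporting.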
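Review bot: The new default `security: secureCookies: True` in salt/kibana/defaults.yaml can be lost on nodes that take the anonymous-provider branch of salt/kibana/config.map.jinja. The context line there calls `KIBANACONFIG.kibana.config.xpack.update({'security': {'authc': ...}})`, and a dict update replaces the whole `security` mapping instead of merging into it. If that branch's condition (outside the hunk) holds, the rendered config would carry authc and the encryption key but no secureCookies. Changing that call to `KIBANACONFIG.kibana.config.xpack.security.update({'authc': {...}})` keeps the default. A comment beside the new setting should also state that it assumes every browser-facing path to Kibana is HTTPS.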
diff --git a/salt/kibana/secrets.sls b/salt/kibana/secrets.sls
index 8bc2c2cc4..a863f114b 100644
--- a/salt/kibana/secrets.sls
+++ b/salt/kibana/secrets.sls
@@ -2,6 +2,8 @@
 {% if sls in allowed_states %}
 {% set kibana_encryptedSavedObjects_encryptionKey = salt['pillar.get']('kibana:secrets:encryptedSavedObjects:encryptionKey', salt['random.get_str'](72)) %}
+ {% set kibana_security_encryptionKey = salt['pillar.get']('kibana:secrets:security:encryptionKey', salt['random.get_str'](72)) %}
+ {% set kibana_reporting_encryptionKey = salt['pillar.get']('kibana:secrets:reporting:encryptionKey', salt['random.get_str'](72)) %}
 kibana_pillar_directory:
 file.directory:
@@ -17,6 +19,10 @@ kibana_secrets_pillar:
 secrets:
 encryptedSavedObjects:
 encryptionKey: {{ kibana_encryptedSavedObjects_encryptionKey }}
+ security:
+ encryptionKey: {{ kibana_security_encryptionKey }}
+ reporting:
+ encryptionKey: {{ kibana_reporting_encryptionKey }}
 - show_changes: False
 {% else %}
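Review bot: The keys generated by `salt['random.get_str'](72)` in the first secrets.sls hunk are written unquoted in the second hunk, as in `encryptionKey: {{ kibana_security_encryptionKey }}`. On Salt releases where random.get_str includes punctuation by default, a value containing ` #` or `: `, or starting with a quote or brace, would be silently truncated or fail to parse when the pillar file is loaded. Either request alphanumerics only with `salt['random.get_str'](72, punctuation=False)`, if the installed Salt accepts that argument, or quote the value on output with `{{ kibana_security_encryptionKey | yaml_dquote }}`. The same applies to the reporting key and to the existing encryptedSavedObjects line. The kibana_secrets_pillar state starts outside the hunk, so the mode and ownership of this secrets file could not be checked here.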