diff --git a/examples/tracingpolicy/override-security.yaml b/examples/tracingpolicy/override-security.yaml
new file mode 100644
index 00000000000..2a84efe071b
--- /dev/null
+++ b/examples/tracingpolicy/override-security.yaml
@@ -0,0 +1,16 @@
+apiVersion: cilium.io/v1alpha1
+kind: TracingPolicy
+metadata:
+  name: "syswritefollowfdpsswd"
+spec:
+  kprobes:
+  - call: "security_inode_mkdir"
+    syscall: false
+    selectors:
+    - matchBinaries:
+      - operator: "In"
+        values:
+        - "/usr/bin/bash"
+    - matchActions:
+      - action: Override
+        argError: -1