diff --git a/pkg/helm/charts/tests/centralservices/testdata/helmtest/image-pull-secrets.test.yaml b/pkg/helm/charts/tests/centralservices/testdata/helmtest/image-pull-secrets.test.yaml
index 95c3881704022..ee6026af8f87a 100644
--- a/pkg/helm/charts/tests/centralservices/testdata/helmtest/image-pull-secrets.test.yaml
+++ b/pkg/helm/charts/tests/centralservices/testdata/helmtest/image-pull-secrets.test.yaml
@@ -45,6 +45,19 @@ tests:
     tests:
     - name: "should fail with no extra secrets"
       expectError: true
+    - name: "should succeed with pull secrets referenced in default SA"
+      server:
+        objects:
+        - apiVersion: v1
+          kind: ServiceAccount
+          metadata:
+            name: default
+            namespace: stackrox
+          imagePullSecrets:
+          - name: from-default-1
+          - name: from-default-2
+      expect: |
+        .serviceaccounts[] | saRefersTo(["from-default-1", "from-default-2"])
     - name: "should succeed with useExisting"
       expect: |
         .serviceaccounts[] | saRefersTo(["extra-secret1", "extra-secret2"])
@@ -85,6 +98,19 @@ tests:
         password: ""
     expect: |
       authForCentral | assertThat(. == "foo:")
+  - name: "secrets from default SA are referenced, if present"
+    server:
+      objects:
+      - apiVersion: v1
+        kind: ServiceAccount
+        metadata:
+          name: default
+          namespace: stackrox
+        imagePullSecrets:
+        - name: from-default-1
+        - name: from-default-2
+    expect: |
+      .serviceaccounts[] | saRefersTo(["from-default-1", "from-default-2"])
   - name: "useExisting secrets are referenced, if specified"
     set:
       imagePullSecrets.useExisting: ["extra-secret1", "extra-secret2"]
diff --git a/pkg/helm/charts/tests/securedclusterservices/testdata/helmtest/image-pull-secrets.test.yaml b/pkg/helm/charts/tests/securedclusterservices/testdata/helmtest/image-pull-secrets.test.yaml
index 1da9093993eb6..72c17f17671b8 100644
--- a/pkg/helm/charts/tests/securedclusterservices/testdata/helmtest/image-pull-secrets.test.yaml
+++ b/pkg/helm/charts/tests/securedclusterservices/testdata/helmtest/image-pull-secrets.test.yaml
@@ -42,6 +42,19 @@ tests:
     tests:
     - name: "should fail with no extra secrets"
       expectError: true
+    - name: "should succeed with pull secrets referenced in default SA"
+      server:
+        objects:
+        - apiVersion: v1
+          kind: ServiceAccount
+          metadata:
+            name: default
+            namespace: stackrox
+          imagePullSecrets:
+          - name: from-default-1
+          - name: from-default-2
+      expect: |
+        .serviceaccounts[] | saRefersTo(["from-default-1", "from-default-2"])
     - name: "should succeed with useExisting"
       expect: |
         .serviceaccounts[] | saRefersTo(["extra-secret1", "extra-secret2"])
@@ -92,6 +105,19 @@ tests:
     expect: |
       authForMain | assertThat(. == "foo:")
       authForCollector | assertThat(. == "foo:")
+  - name: "secrets from default SA are referenced, if present"
+    server:
+      objects:
+      - apiVersion: v1
+        kind: ServiceAccount
+        metadata:
+          name: default
+          namespace: stackrox
+        imagePullSecrets:
+        - name: from-default-1
+        - name: from-default-2
+    expect: |
+      .serviceaccounts[] | saRefersTo(["from-default-1", "from-default-2"])
   - name: "useExisting secrets are referenced, if specified"
     set:
       imagePullSecrets.useExisting: ["extra-secret1", "extra-secret2"]