diff --git a/pkg/bpf/detect.go b/pkg/bpf/detect.go
index 9f862ec16e3..e0ecccff2e0 100644
--- a/pkg/bpf/detect.go
+++ b/pkg/bpf/detect.go
@@ -36,6 +36,7 @@ var (
 	modifyReturn        Feature
 	modifyReturnSyscall Feature
 	linkPin             Feature
+	lsm                 Feature
 )
 
 func HasOverrideHelper() bool {
@@ -222,7 +223,7 @@ func HasProgramLargeSize() bool {
 	return features.HaveLargeInstructions() == nil
 }
 
-func HasLSMPrograms() bool {
+func detectLSM() bool {
 	if features.HaveProgramType(ebpf.LSM) != nil {
 		return false
 	}
@@ -232,11 +233,44 @@ func HasLSMPrograms() bool {
 		return false
 	}
 	if strings.Contains(string(b), "bpf") {
+		prog, err := ebpf.NewProgram(&ebpf.ProgramSpec{
+			Name: "probe_lsm_file_open",
+			Type: ebpf.LSM,
+			Instructions: asm.Instructions{
+				asm.Mov.Imm(asm.R0, 0),
+				asm.Return(),
+			},
+			AttachTo:   "file_open",
+			AttachType: ebpf.AttachLSMMac,
+			License:    "Dual BSD/GPL",
+		})
+		if err != nil {
+			logger.GetLogger().WithError(err).Error("failed to load lsm probe")
+			return false
+		}
+		defer prog.Close()
+
+		link, err := link.AttachLSM(link.LSMOptions{
+			Program: prog,
+		})
+		if err != nil {
+			logger.GetLogger().WithError(err).Error("failed to attach lsm probe")
+			return false
+		}
+		link.Close()
 		return true
 	}
+
 	return false
 }
 
+func HasLSMPrograms() bool {
+	lsm.init.Do(func() {
+		lsm.detected = detectLSM()
+	})
+	return lsm.detected
+}
+
 func detectLinkPin() (bool, error) {
 	prog, err := ebpf.NewProgram(&ebpf.ProgramSpec{
 		Name: "probe_bpf_kprobe",