diff --git a/falco/helm-values/falco.yaml b/falco/helm-values/falco.yaml
index 2e373eb..0be0960 100644
--- a/falco/helm-values/falco.yaml
+++ b/falco/helm-values/falco.yaml
@@ -140,6 +140,19 @@ falcosidekick:
 # cpu: removed to prevent throttling
 memory: 512Mi
+ # Environment variables from Vault secret
+ env:
+ - name: FALCOSIDEKICK_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: falco-ui-secret
+ key: username
+ - name: FALCOSIDEKICK_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: falco-ui-secret
+ key: password
+
 # RBAC
 rbac:
 create: true
diff --git a/falco/kustomization.yaml b/falco/kustomization.yaml
index f11538b..857dc52 100644
--- a/falco/kustomization.yaml
+++ b/falco/kustomization.yaml
@@ -5,5 +5,7 @@ resources:
 # ArgoCD Application 리소스는 root kustomization.yaml에서 관리
 # - argocd/falco.yaml
+ # Falco UI credentials from Vault
+ - vault/falco-ui-secret.yaml
 # Falco UI Ingress
 - ingress/falco-ui-ingress.yaml
diff --git a/falco/vault/falco-ui-secret.yaml b/falco/vault/falco-ui-secret.yaml
new file mode 100644
index 0000000..7c81007
--- /dev/null
+++ b/falco/vault/falco-ui-secret.yaml
@@ -0,0 +1,23 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+ name: falco-ui-secret
+ namespace: falco
+spec:
+ refreshInterval: 1h
+ secretStoreRef:
+ kind: ClusterSecretStore
+ name: vault-backend
+ target:
+ name: falco-ui-secret
+ creationPolicy: Owner
+ data:
+ - secretKey: username
+ remoteRef:
+ key: cluster-infrastructure/falco
+ property: UI_USERNAME
+ - secretKey: password
+ remoteRef:
+ key: cluster-infrastructure/falco
+ property: UI_PASSWORD
+
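Review bot: In falco/helm-values/falco.yaml, nothing visible in this hunk shows that the new `env:` list or the names `FALCOSIDEKICK_USERNAME` / `FALCOSIDEKICK_PASSWORD` are actually consumed, so the UI may keep running with its built-in default login even though the Secret is mounted. As far as I know falcosidekick-ui takes its credentials from `FALCOSIDEKICK_UI_USER` in `user:password` form and the chart exposes that under its `webui` values rather than a generic `env:` key; please confirm against the chart version pinned for this release. Render the release with `helm template` and check that the variables land on the UI container, then confirm after deploy that the default login is rejected. Indentation is lost in this view, so I cannot tell which key the block nests under; a comment such as `# read by <component>; verified via helm template` above `env:` would record the answer.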
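Review bot: In falco/vault/falco-ui-secret.yaml, `refreshInterval: 1h` only re-syncs the Kubernetes Secret, while the consumers added in falco/helm-values/falco.yaml read it through `secretKeyRef` environment variables, which are fixed when the container starts. A password rotated in Vault therefore does not reach running pods until they are restarted, and the previous credential keeps working on the UI side in the meantime. I would document this above `refreshInterval` with `# Secret re-syncs hourly; pods read it as env at start, so restart the workload after rotating in Vault`, or hook the workload to whatever restart-on-secret-change mechanism the cluster already uses.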