diff --git a/x-pack/test_serverless/api_integration/test_suites/common/security_response_headers.ts b/x-pack/test_serverless/api_integration/test_suites/common/security_response_headers.ts
index 2601e1cfed75f73..47f541184a37c01 100644
--- a/x-pack/test_serverless/api_integration/test_suites/common/security_response_headers.ts
+++ b/x-pack/test_serverless/api_integration/test_suites/common/security_response_headers.ts
@@ -25,7 +25,7 @@ export default function ({ getService }: FtrProviderContext) {
     it('API endpoint response contains default security headers', async () => {
       const { header } = await supertest
         .get(`/internal/security/me`)
-        .set(svlCommonApi.getCommonRequestHeader())
+        .set(svlCommonApi.getInternalRequestHeader())
         .expect(200);
 
       expect(header).toBeDefined();
@@ -40,9 +40,9 @@ export default function ({ getService }: FtrProviderContext) {
 
     it('redirect endpoint response contains default security headers', async () => {
       const { header } = await supertest
-        .get(`/login`)
+        .get(`/logout`)
         .set(svlCommonApi.getCommonRequestHeader())
-        .expect(302);
+        .expect(200);
 
       expect(header).toBeDefined();
       expect(header['content-security-policy']).toEqual(defaultCSP);