diff --git a/core/mondoo-linux-workstation-security.mql.yaml b/core/mondoo-linux-workstation-security.mql.yaml
index 01b7df62..efb32c47 100644
--- a/core/mondoo-linux-workstation-security.mql.yaml
+++ b/core/mondoo-linux-workstation-security.mql.yaml
@@ -64,6 +64,7 @@ policies:
       - title: Secure Boot
         filters: |
           asset.family.contains(_ == 'linux')
+          packages.where(name == /xorg|xserver|wayland/i).any(installed)
         checks:
           - uid: mondoo-linux-workstation-security-permissions-on-bootloader-config-are-configured
           - uid: mondoo-linux-workstation-security-secure-boot-is-enabled
@@ -73,6 +74,7 @@ policies:
       - title: Disk encryption
         filters: |
           asset.family.contains(_ == 'linux')
+          packages.where(name == /xorg|xserver|wayland/i).any(installed)
         checks:
           - uid: mondoo-linux-workstation-security-aes-encryption-algorithm
           - uid: mondoo-linux-workstation-security-root-and-home-are-encrypted
@@ -83,6 +85,7 @@ policies:
         filters: |
           asset.family.contains(_ == 'linux')
           package('fwupd').installed
+          packages.where(name == /xorg|xserver|wayland/i).any(installed)
         checks:
           - uid: mondoo-linux-workstation-security-bios-uptodate
         queries: