diff --git a/go.mod b/go.mod
index eb92390..ba2e120 100644
--- a/go.mod
+++ b/go.mod
@@ -7,10 +7,10 @@ replace (
 	github.com/golang/mock => github.com/golang/mock v1.6.0
 	github.com/golang/protobuf => github.com/golang/protobuf v1.5.4
 	github.com/google/go-cmp => github.com/google/go-cmp v0.6.0
-	github.com/google/pprof => github.com/google/pprof v0.0.0-20240402174815-29b9bb013b0f
+	github.com/google/pprof => github.com/google/pprof v0.0.0-20240409012703-83162a5b38cd
 	github.com/mwitkow/grpc-proxy => github.com/mwitkow/grpc-proxy v0.0.0-20181017164139-0f1106ef9c76
 	golang.org/x/crypto => golang.org/x/crypto v0.22.0
-	golang.org/x/exp => golang.org/x/exp v0.0.0-20240404231335-c0f41cb1a7a0
+	golang.org/x/exp => golang.org/x/exp v0.0.0-20240409090435-93d18d7e34b8
 	golang.org/x/image => golang.org/x/image v0.15.0
 	golang.org/x/lint => golang.org/x/lint v0.0.0-20210508222113-6edffad5e616
 	golang.org/x/mobile => golang.org/x/mobile v0.0.0-20240404231514-09dbf07665ed
@@ -26,8 +26,8 @@ replace (
 	golang.org/x/xerrors => golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028
 	google.golang.org/api => google.golang.org/api v0.172.0
 	google.golang.org/appengine => google.golang.org/appengine v1.6.8
-	google.golang.org/genproto => google.golang.org/genproto v0.0.0-20240401170217-c3f982113cda
-	google.golang.org/grpc => google.golang.org/grpc v1.63.0
+	google.golang.org/genproto => google.golang.org/genproto v0.0.0-20240412170617-26222e5d3d56
+	google.golang.org/grpc => google.golang.org/grpc v1.63.2
 	google.golang.org/protobuf => google.golang.org/protobuf v1.33.0
 )
 
diff --git a/go.sum b/go.sum
index ae65f0c..f7e6c29 100644
--- a/go.sum
+++ b/go.sum
@@ -78,8 +78,8 @@ golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de h1:cZGRis4/ot9uVm639a+rHCUaG0JJHEsdyzSQTMX+suY=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:H4O17MA/PE9BsGx3w+a+W2VOLLD1Qf7oJneAoU6WktY=
-google.golang.org/grpc v1.63.0 h1:WjKe+dnvABXyPJMD7KDNLxtoGk5tgk+YFWN6cBWjZE8=
-google.golang.org/grpc v1.63.0/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA=
+google.golang.org/grpc v1.63.2 h1:MUeiw1B2maTVZthpU5xvASfTh3LDbxHd6IJ6QQVU+xM=
+google.golang.org/grpc v1.63.2/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA=
 google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
 google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
diff --git a/handler/handler_test.go b/handler/handler_test.go
index 3c932d6..eea69e7 100644
--- a/handler/handler_test.go
+++ b/handler/handler_test.go
@@ -690,8 +690,19 @@ func Test_transportFromCfg(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := transportFromCfg(tt.args.cfg); !reflect.DeepEqual(got, tt.want) {
-				t.Errorf("transportFromCfg() = %v, want %v", got, tt.want)
+			got := transportFromCfg(tt.args.cfg)
+
+			gotProxy := reflect.ValueOf(got.Proxy).Pointer()
+			wantProxy := reflect.ValueOf(tt.want.Proxy).Pointer()
+			if gotProxy != wantProxy {
+				t.Errorf("transportFromCfg().Proxy = %+v, want.proxy = %+v", gotProxy, wantProxy)
+			}
+
+			// non-nil function pointers cannot be compared by reflect.DeepEqual
+			got.Proxy = nil
+			tt.want.Proxy = nil
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("transportFromCfg() = %+v, want = %+v", got, tt.want)
 			}
 		})
 	}
diff --git a/usecase/authz_proxyd.go b/usecase/authz_proxyd.go
index 9599820..c8f5d80 100644
--- a/usecase/authz_proxyd.go
+++ b/usecase/authz_proxyd.go
@@ -186,6 +186,7 @@ func (g *authzProxyDaemon) Start(ctx context.Context) <-chan []error {
 
 func newAuthzD(cfg config.Config) (service.Authorizationd, error) {
 	client := http.DefaultClient
+	client.Transport = http.DefaultTransport
 	if cfg.Athenz.Timeout != "" {
 		t, err := time.ParseDuration(cfg.Athenz.Timeout)
 		if err != nil {
@@ -198,10 +199,8 @@ func newAuthzD(cfg config.Config) (service.Authorizationd, error) {
 		if err != nil {
 			return nil, errors.Wrap(err, "newAuthzD(): Athenz.CAPath")
 		}
-		client.Transport = &http.Transport{
-			TLSClientConfig: &tls.Config{
-				RootCAs: cp,
-			},
+		client.Transport.(*http.Transport).TLSClientConfig = &tls.Config{
+			RootCAs: cp,
 		}
 	}